Thomas Jefferson’s Monticello was hit by a ransomware attack this week that hampered the historic home’s electronic systems.
The attack was discovered Tuesday, and since then, Monticello has not been able to use its computer or phone systems. The home still is open for tours, but ticket sales and credit card transactions, among other things, must be done manually, according to Ann Taylor, executive vice president of the Thomas Jefferson Foundation.
“We’re working with a variety of IT experts to address the issue and restore services as soon as possible,” said Taylor.
While unable to say when the phones and computers will be fully operable again, Taylor said the attack is not affecting tours of the house and gardens, or operations at the gift shop. Tickets cannot be reserved online, but they can be purchased at the David M. Rubenstein Visitor Center, she said.
The cyberattack also will not affect Monticello’s 55th annual Independence Day Celebration and Naturalization Ceremony next Tuesday, Taylor said. The foundation is in touch with all of the candidates for citizenship, and the event will move forward as planned.
“We’re expecting a lot of people this weekend,” said Taylor. “We are really happy that people are enjoying the great weather and holiday weekend.”
Anyone with questions about scheduling a house tour or attending the July 4 event can call (434) 249-7528 or (434) 872-1490.
Internet provider experts at Monticello said the ransomware was not related to the Petya worm that has shut down many of Ukraine’s public and governmental computer systems. That worm utilizes the same Microsoft vulnerability that was used by the WannaCry ransomware in May, according to computer security firm Symantec.
The vulnerability, and the code that helped access it, is believed to have been stolen from the National Security Agency by hackers and then posted on the internet, according to Symantec.
“Those both used a vulnerability that was patched by Microsoft in March, and so the companies that were harmed were those that had not kept their systems up to date,” said Phil Jaderborg, of PJ Networks Computer Services in Albemarle County. “It’s important to keep computer systems updated.”
Jaderborg said most malware, whether it be ransomware or a virus, is installed on a computer network by the simple opening of an email.
According to Symantec, there were 1.266 million cyber attacks in May, the highest number since November 2015. An estimated one in 422 emails contained a virus or malware. That compares to November 2016’s rate of one in 85 emails containing a malicious payload, Symantec’s figures show.
“If it’s not an email from a known sender, if it is poorly written or unexpected, it’s best not to open it,” Jaderborg said. “If there is an IT department, have someone in IT look it over. Most viruses and malware are installed by an email and that makes it avoidable.”
Jaderborg said there are five safety tips that can limit exposure to hackers and ransomware.
“First, keep Windows operating systems and all operating systems updated, and second, install all third-party patches like Java and Adobe Flash,” he said. “Don’t open suspicious emails that might carry a payload. Have good, up-to-date virus and internet security software and back files and data regularly. That’s the only 100 percent foolproof recovery system."