New Orleans hamstrung by ransomware attack
The
mayor of New Orleans Friday declared a state of emergency after the city
detected what is now believed to be a Ryuk ransomware attack.
Mayor LaToya Cantrell said the attack closely resembles previous attacks on the state of Louisiana less than a month ago. Louisiana activated its cybersecurity team in mid-November after the state was targeted in an attempted ransomware attack similar to those aimed at government organizations and local school districts during the summer, the newly re-elected Governor John Bel Edwards tweeted at the time.
In
this latest incident, New
Orleans officials began taking systems offline after noticing suspicious
activity, including phishing attempts, last Friday at 5 a.m. “The city remains
actively involved in recovery efforts related to the cybersecurity incident
last Friday and individual agencies and departments will be impacted in various
ways,” Cantrell tweeted
Sunday evening.
In a
series of updates via Twitter, Cantrell said “Regular nola.gov services are
down, however a temporary webpage has been deployed to allow residents to make
3-1-1 requests for service; pay sales, use, and parking taxes; and pay parking
and camera tickets.”
While the mayor also said city hall would be open today during normal business hours, the city tweeted some agencies and departments, such as Juvenile Court, will be closed, though staff is expected to report to work. The police department is continuing its normal operations but “is documenting incidents manually” and temporarily “will not be able to run background checks for the public.” But the Fire Department and Emergency Medical Services were not affected by the attack and cameras operated by the Real-time Crime Center are functioning, Cantrell tweeted.
Calling
New Orleans “the latest in a long line of American cities and towns to suffer a
crippling ransomware attack,” Paul Martini, CEO at iboss, contended, “The fact
that this particular incident impacted the city’s police department proves the
incredibly dangerous power that hackers wield.”
As government
employees continue to do “more work-related business on the go than ever”,
government agencies must take steps to protect “individuals outside of the four
walls of the office,” said Martini. “Preventing attacks like these, which now
qualify as national emergencies, should be a priority at every level of local,
state and federal government.”
Louisiana has been hit this
year by a series
of significant ransomware attacks, and Colin
Bastable, CEO of Lucy Security, said, “This attack may have been initiated in
parallel with the recent Louisiana attack.”
The state is hardly the member of an exclusive club.
“2019 has been a bonanza for ransomware gangs targeting local and state governments,” said Eyal Aharoni, vice president of customer success at Cymulate. “Under-resourced and under-funded, many organizations still don’t take the necessary steps to mitigate such attacks and hackers will continue to reel on their success undeterred in 2020.”
The problem with ransomware attacks, said
Bastable, “is that they are not always immediately apparent. The attackers may
need to navigate from their initial point of entry – usually via phishing email
– to the systems and data that they need to encrypt. The attack can be
undetected for a relatively long time before being triggered.”
Aharoni
expects “New Orleans’ IT team will now be dedicating resources to understand
how the malware (reportedly Ryuk) was triggered and will no doubt heavily
invest their cyberdefenses to prevent similar crises happening in the future.”
Gloss