The city of New Orleans declared a state of emergency and shut down its network over the weekend due to a cyberattack last Friday morning. As the latest U.S. city or state government to be hacked this year, thankfully New Orleans was prepared and acted quickly to the attack.
Evidence of phishing and ransomware was first detected early last Friday morning. Before noon, the city had activated its emergency operations center and took its system temporarily offline. Essential services, such as the police department, fire department, and EMS, were outside the city’s network and remain unaffected.
While there was no initial indication of passwords or data lost, news this week reported that city workers’ credentials may have been compromised and that the ransomware deployed was Ryuk, used recently against several U.S. governments, including Louisiana itself in November, and several hospitals.
Ryuk ransomware has yielded almost $2 million in ransom from just five city governments. New Orleans has still received no requests for a ransom itself and according to Mayor LaToya Cantrell’s Twitter, were open as normal Monday with only parts of the network still affected.
The Federal Bureau of Investigation (FBI) issued a warning on October 2 stating that ransomware attacks were growing more and more sophisticated. New Orleans is just one of 103 U.S. governments and its agencies—known to be particularly vulnerable, underfunded, and unresourced—attacked by ransomware this year.
In May, Baltimore was hit by RobbinHood ransomware and refused to pay the ransom; important services were shut down before they were finally able to restore their system.
While still early and the extent of damage (if any) remains unknown, city and state officials can learn much from New Orleans’ quick reaction and what Kim LaGrue, head of the city’s IT, calls an “abundance of caution.” Forethought, recent cybersecurity employee training, and strong security and emergency response plans likely stopped the city from significant data loss.
If the FBI is correct and ransomware is once again reaching a critical point, it is absolutely necessary to plan and utilize strong security measures like New Orleans.