As more of our everyday lives move online, the risks of hackers compromising personal information and shutting down necessary resources are only increasing. 

There were at least 104 ransomware attacks against administrative systems in schools and governments over the course of 2019, according to cybersecurity company Recorded Future

Ransomware attacks cripple a network’s key services and functions as a hacker requests a massive ransom while holding government or school’s data hostage. 

On October 2, the FBI issued a high-impact cyber-attack warning in response to increasing attacks on state and local government targets, including that threats faced governments in addition to health care organizations, industrial companies, and transportation entities. 

Here’s how some cities handled the attacks, and what their responses could mean for future stikes. 

An attack that struck the Georgia city’s computer networks in March 2018 shuttered municipal courts and left residents unable to access services like its traffic tickets or water bill payment systems.

The attackers demanded the government pay $51,000 in Bitcoin to unlock the government’s encrypted systems, which officials denied they were planning on paying. 

Though the government denied paying the ransom, the city was hit with massive costs immediately after the attack, the city deployed several contracts with crisis communications and security agencies totaling $2.7 million

After recovery efforts across the government were rolled out over the course of one year and cost taxpayers around a reported $17 million, the city repeatedly said it did not pay the money demanded by the attackers. 

In November, two Iranian citizens were charged for the attack, as it was revealed the hackers were involved in a nationwide scheme to attack networks of small governments and other public systems. 

On May 7, 2019, a ransomware attack struck the city and froze thousands of government computers, in addition to crippling dozens of other citizen services. 

The hackers demanded a ransom of approximately $80,000 worth of Bitcoin, which the government refused to pay, instead voting in August to take $6 million from parks and public facilities funding to help pay for “cyber attack remediation and hardening of the environment.”

After the Atlanta attack, the crippling of Baltimore’s network marked the second significant shutdown of services in a major American city in the span of one year.  

On December 17 2019, the St. Lucie County Sheriff’s office was knocked offline, shutting down the sheriff’s office email server and the fingerprinting and background check systems.

Much of the office moved to paper record-keeping as the FBI stepped in to help get the networks back online. 

The city of New Bedford was attacked on July 4, 2019, but the city had a stroke of luck as only 4% of government computers were online during the holiday. The hackers demanded a massive ransom of $5.3 million. 

The city instead offered a payment of $400,000 of insurance money. The negotiation tactic reportedly furthered the city’s timeline for investigating and recovering the lost data, and officials later announced that insurance money would cover recouping the systems. 

The city declared a state of emergency and launched an investigation after the police department noticed strange activity on some of its computers around 5 a.m. on December 13, 2019, and had disconnected most of its computers and taken down the city’s website by 11 a.m. to insulate department data. 

The Associated Press reports that the city’s government was uniquely poised to respond to network outages because of systems in place for hurricane responses. 

The attack came after a larger one that targeted the state of Louisiana one month earlier, and after Louisiana school district computers issued the same response to an attempted hack in July.

A ransomware attack in April 2019 infected the majority of the city’s 800 computers and locked all of the city’s files after ransomware was first noticed on a police department computer. 

It took agents from the FBI, National Guard, North Carolina Department of Information Technology, and North Carolina Emergency Management to investigate and recoup from the attack. 

Within two weeks, the town was on the way to repair from its brush with the ransomware variant “RobbinHood” as officials publicly refused to pay the demanded ransom and got the city site back up by themselves. 

The attack was just one in an alarming trend spotted in the state, as by the end of August, Carolina’s News & Observer reported that the North Carolina Department of Information Technology said more ransomware attacks were reported that year than all of 2018. 

A December 7, 2019 cyberattack crippled the city’s network, which shut down the telephone systems, internet servers, and online payment systems at Pensacola’s sanitation and energy departments.

The hackers who claimed to be behind the attack demanded a ransom of $1 million, which the city never confirmed it paid. The Pensacola News Journal reported that the city employed Deloitte on a $140,000 consulting contract to investigate the circumstances around the attack and subsequent response.

Wilmer, a town of just under 4,000 people in north Texas, was struck in August 2019 by a ransomware attack suspected to have originated in China or Russia that took its municipal computers offline. 

The town was one of the most badly hit areas as 22 other state and local governments in Texas were targeted on the same day, which triggered a “Level 2 Escalated Response,” the second-highest possible emergency response level. 

Hackers who claimed responsibility for the attacks demanded a total $2.5 million ransom.

Lubbock County issued a quick response, taking their own files offline and preventing hundreds of thousands of dollars in recovery efforts, according to the Wall Street Journal

Other governments refused to pay and worked in conjunction with the Texas Department of Informational Resources, but services like 911 and online payments took weeks to recover as officials turned to handwritten records. 

Source: Insider | By Ellen Cranley| January 25, 2020 |

To learn more about Cyberattacks, contact us today!

Roberto Baires
Contact us!

Micro Tech Resources | 5700 Stoneridge Mall Road, Suite 285, Pleasanton, CA, 94588