We’ve long known that malware can bring corporate and private computers, together with entire IT systems, to their knees. A rash of recent events demonstrates how city authorities are struggling to come to terms with ever more virulent forms of ransomware.
Last week, the mayor of the City of New Orleans declared a state of emergency, following a ransomware attack so insidious, it may have gone undetected for several weeks.
It’s not the first, and unlikely to be the last – all the signs point to the trend growing in 2020.
In the recent case of the City of New Orleans, public state employees were instructed to disconnect from the internet, power-down their devices, refrain from accessing state platforms and await further instructions. The city and federal police bodies investigating the case have confirmed the attack was caught ahead of any ransom demand and, as is typical in ransomware cases, little public information has been provided since.
It’s a drill that has become all too familiar in the corporate world, and public bodies worldwide are just starting to understand the potentially dire consequences having a city’s emergency communications, police, health and public services crippled in this way.
Until recently the key target of ransomware attacks has mainly been large corporates with deep pockets and relatively sophisticated IT systems. More recently, the attackers have turned their attention to cities, no doubt taking advantage of the more distributed, and often poorly funded, IT and data sensitivity vulnerabilities that cities present.
Ransomware is an increasingly common form of crypto-viral extortion, defined as a malicious malware attack that cripples an organisation’s data systems, encrypting files and denying platform access, until a ransom is paid in exchange for an encryption key. Typically, the attack enters an IT system via an email containing a link to malware software, which once downloaded, enters and disables systems, locking down files and platforms.
In some cases, the perpetrator may threaten to publish the attacked organization’s sensitive data, or even wreck further harm on computer hardware and dependent systems.
The New Orleans attack is just the most recent in a string of city-targeted ransomware attacks. Security experts report that the attackers are gaining sophistication in timing their attacks at sensitive moments. Earlier this month, the city of Pensacola in Florida reported a crypto-extortion threat with an associated demand of US$1m in ransom, just one day after a shooting at the Pensacola Navy base, in which three Navy students died.