Hackers used ransomware to attack the city of New Orleans in December. The attack was the third ransomware hack on the State of Louisiana, and followed ransomware attacks on other cities. Of course, the massive attack created an emergency for the city.
The Response: Unplug everything
Following the attack, the city instructed all of its employees to completely disconnect their systems. This meant disconnecting wifi and unplugging their computers.
How does one communicate about a cyber attack without using the internet? New Orleans officials used the city hall public loudspeaker systems to alert employees about the cyber-attack.
The cause of the hack was uncertain. Employees did not respond to phishing emails. Therefore, it was unclear how hackers got access to the city’s systems.
The city appeared prepared to function after such an attack. Even though its website was down and a great deal of functionality was lost, the city continued to function. Of course, New Orleans police continued to function effectively. They used radios and backup communications to continue their work. Similarly, 911 emergency services continued unabated. In parallel, other services, like scheduling of building inspections, continued manually.
Previous ransomware attacks on Louisiana’s governments included an attack on its school districts and on the state government’s IT network. In recent years, Atlanta and Baltimore bore the brunt of ransomware attacks as well.
The Ransomware Dilemma, Magnified
Ransomware attacks put victims in a difficult situation. This is because paying the ransom encourages more ransomware attacks. On the one hand, if victims never paid the ransom, the attacks would disappear. On the other hand, not paying the ransom means victims will lose valuable data. Naturally, that can make life very difficult and even cripple businesses.
The problem is magnified for governments. Their data relates not “just” to an individual or a business, but to entire cities and states. The potential harm is on a massive, public scale.