Ransomware attack forces New Orleans to declare state of emergency

Getting your Trinity Audio player ready...

New Orleans has declared a state of emergency following a ransomware attack that began late last week. The city noticed suspicious activity on Friday in the morning hours and a few hours in, the activity had surged. Once the city’s IT team confirmed that the city’s systems were under attack, they shut down the systems. And now, the Mayor has declared a state of emergency as the city strives to deal with the attack.

Mayor LaToya Cantrell took to Twitter to make the announcement, stating that “a disaster and state of emergency exists in the City of New Orleans, warranting the use of all extraordinary measures appropriate to ensure the public health, safety, welfare and convenience.”

A declaration of a state of emergency has been filed with the Civil District Court in connection with today’s cyber security event. pic.twitter.com/OQXDGv7JS4

— The City Of New Orleans (@CityOfNOLA) December 13, 2019

The cyber-attackers have brought some of the city government’s activities to a halt, with several of the systems being unavailable to city workers. However, despite the attackers’ takeover, they are yet to make any demands for ransom.

Cantrell confirmed this in a recent press conference stating, “While ransomware was detected there are no requests made to the city of New Orleans at this time, but that is very much a part of our investigation.”

While ransomware attacks usually cripple their victims, the city of New Orleans has found a way to keep functioning, largely due to its disaster preparedness. The city’s chief information officer Kim LaGrue explained:

“We’ve minimized data loss because part of our strategy is to always monitor for these risks,” she said. “Investigating and looking for suspicious activity is something we do all the time. We are now looking to recover from a very resilient platform.”

LaGrue further revealed that state and federal law-enforcement agencies were already conducting investigations into the attack. The forensic investigation was already in progress. “There is much that we are still to learn about this attack, the mechanisms and what was significantly compromised,” she added.

Police, fire and EMS departments in the city have not been affected by the attack. However, other departments have had to turn to manual processing, city officials revealed. The officials also revealed that the city employees didn’t interact with or reveal their credentials to the hackers. Thus, the attackers haven’t accessed important data, and this is likely the reason they are yet to demand ransom.

Cyber-attacks have become worryingly common in the U.S, with state governments being the attackers’ favorite targets. This is because most state governments’ IT departments are underfunded and hence understaffed. They also lack the latest technology and are an easy target. The hackers are also aware that the state governments can afford to pay ludicrous amounts in ransom.

Hackers have already made away with $400,000 in ransom from Jackson County, Georgia; close to $600,000 from Riviera Beach, Florida; and $130,000 from LaPorte County, Indiana. They have all been paid in crypto.

As shown below, there have been over 260 attacks in the last six years in the United States alone.

Ransomware Attacks Map