Following a ransomware attack that first hit IT systems across Oakland, California, on 8th February, the city administration headed by G. Harold Duffy declared a local state of emergencyOpens a new window starting on 14th February. The ramifications of the cyber attack continue to be evident, with several of the city’s non-essential services being taken offline to contain the ransomware attack.
The city assured residents that emergency services such as the fire department and 911 dispatch were unaffected, even though a tweet by the local police department warned of delays in response. Users were encouraged to use online file reports for non-emergency issues. Other affected government services include tax and fine filing systems and permit and license issue systems.
Announcing a state of emergency allows governments to fast-track the processing and acquisition of resources required to get government services back to normal operations. It also allows the local administration to pull in an emergency workforce when required.
James Graham, VP, of cyber risk management firm RiskLens commented on the incident:
“This attack is a prime example of how the interconnectivity of systems and networks throughout cities significantly increases the risk to which they are exposed. Any downtime to emergency or essential services due to a cyber attack is surely dire not only to finances and reputation, but also to human life.
Ransomware is no longer limited to an IT event; it affects entire organizations, sectors and stakeholders. As such, all businesses must understand the cost-benefit ratio of the probable impacts of these attacks, from business interruption to “pay vs. not-pay†on ransomware – well in advance of an attack. That requires a systematic, quantitative risk analysis in financial terms, based on solid data and rigorous, defensible modeling.
With a quantified view of cyber risk in mind, public-sector organizations can not only better prioritize what protections to implement, but also understand how their level of cyber risk might be affected by those decisions.â€
See More: How To Secure Your Network: First, Know What You Have
Multiple Agencies Involved in Investigation
Oakland City has not revealed the amount of ransom demanded by the actors carrying out the attack. The city’s IT department has been collaborating with a major forensics firm, local law enforcement, and federal agencies to investigate the exact nature of the attack and how widely it has spread.
Such an attack on U.S. cities is not a new phenomenon. In the past few years, numerous places across the country have been affected by ransomware attacks, with critical systems being shut down, including schools and election infrastructure across states. Notably, Lake City, Florence City, and Riviera Beach City paid the ransom demanded to recover impacted infrastructure systems.
In January 2023, Microsoft announced that the company was tracking more than 100 threat actors using ransomware in cyber attacks, including BlackCat (aka ALPHV), Lockbit Black, Vice Society, Play, Royal, and Black Basta, among others.
Let us know if you enjoyed reading this news on LinkedInOpens a new window , TwitterOpens a new window , or FacebookOpens a new window . We would love to hear from you!