The City of New Orleans has become the latest major US municipality to suffer a crippling ransomware attack, with a string of public services affected over the weekend.
City workers were ordered to unplug their machines on Friday morning after the suspected attack. Although at a press conference that afternoon it was claimed that there was no official network compromise, tweets over the weekend from mayor LaToya Cantrell revealed the city was “actively involved in recovery efforts.”
According to her last update on Sunday, a slew of services remain impacted including the police department, emergency medical services, the courts, sanitation, the tax office, health department and neighborhood engagement office.
Specifically: the police department is unable to run background checks on the public; delays are expected for non-emergency medical responses; and municipal and traffic courts are closed Monday. There were also warnings of limited connectivity and availability of online files that will hamper healthcare workers, and no computerized searchers are available for job seekers.
The city’s response teams have apparently been in close contact with state-level experts. Louisiana has been on the receiving end of multiple ransomware attacks this year, which in July forced the governor to declare a state of emergency.
However, he has been broadly praised for setting up a state-level Cyber Security Commission which is designed to prepare for and help local governments respond to such breaking threats.
According to Emisoft, over 100 federal, state and municipal governments and agencies have been hit by ransomware in the US this year. Healthcare providers were even more heavily targeted, with an estimated 759 attacked in 2019, while 86 universities, colleges and schools were attacked over the period.
The vendor warned that in some cases, attackers are also exfiltrating data from victim organizations for additional leverage.