Friday, December 13, 2019 really was an unlucky day for the City of New Orleans, Louisiana. That’s when the City suffered a serious cyber attack (ransomware). In fact, it was so serious that Mayor LaToya Cantrell actually declared a state of emergency.
According to the City of New Orleans’ emergency preparedness campaign, NOLA Ready, which is managed by the Office of Homeland Security and Emergency Preparedness, the attack started at 5 a.m. CST. NOLA Ready first tweeted that “suspicious activity was detected on the City’s network,” and then again that “activity indicating a cybersecurity incident was detected around 11 a.m.” As expected, the City’s IT department quickly moved to power down servers and computers, and instructed employees to disconnect from Wi-Fi and unplug any of their own devices.
Now, three business days later, the full extent of the ransomware attack remains unclear. The investigation continues and operations are returning to normal. Fortunately, there is no ransom demand (as of yet), but these often do not come until later on down the road.
Louisiana is no stranger to cyber security events or to the issuance of state of emergency declarations in response to them. Believe it or not, the December 13, 2019 ransomware attack was the third such event in just six months. The first occurred in July 2019 when school district computers had to be taken offline. The second took place in November 2019 when state government websites and other digital services had to be deactivated.
Experts in cyber security agree that ransomware poses one of the greatest risks to municipalities across the country. One internet technology company identified 53 ransomware attacks against state and local agencies in 2018, up from 38 the year before. And, that’s probably nowhere near the actual number since ransomware attacks often go unpublicized.
Mitigation and preparedness are key to preventing, addressing, and overcoming cyber security events. Take the usual precautions of using the latest antivirus/antispyware software available, and keeping applications and operating systems current. Also, adopt a formal internet use and email policy, and train employees in basic cyber security principles. Last, but certainly not least, have a plan of acti