16 Dec New Orleans Cyberattack
New Orleans State of Emergency
This past Friday, the city of New Orleans declared a state of emergency due to a cybersecurity attack. The declaration led to the complete shutdown of all city servers and computers, effectively impacting city services such as police, emergency medical services, permit issuing, and more.
In the process of identifying the source of the breach, Kim McGrew, Chief Technology Officer of the city, confirmed that no employees responded or provided credentials and they are waiting for the investigation to reveal how the compromise occurred.
Confirmed Timeline of Events Dec. 13th:
5 am: The first suspicious email was detected.
8 am: Several emails had been discovered. On suspicion of a cyberattack, IT teams were notified.
11 am: The cyberattack was then confirmed. All employees were notified to shut down their computers and ignore all emails.
While the immediate effects weren’t devastating, there were minor inconveniences to many in the city. City Hall offices and clerk of criminal court were shut down, and therefore their services were temporarily down as well. NOPD and EMS were reduced to using radios with their computers down, though this reportedly didn’t cause any issues. Emergency services such as the fire department and 911 remain operational.
State officials and the FBI have been notified and the investigation is underway.
City Hall reopened today (December 16th) and employees have returned to work. Regular NOLA services remain down, but a temporary webpage has been created for 3-1-1 requests at www.nola311.org. Background checks are unavailable and EMS phone lines are still down.
Government Security Problems
This attack is only a month after a ransomware attack against 10% of Louisiana state government computer servers.
Government entities are usually targets of attacks due to their lack of resources and knowledge of how to protect themselves from cyber threats. Reports find that often government computers tun on outdated and unpatched software, creating a window of opportunity. According to the Department of Homeland Security, there were over 35,000 security incidents reported in 2017. This number will continue to grow as new methods emerge and government defense remains at a standstill.
Interested in evaluating your cybersecurity and closing security gaps? Sign up for our software, CyberWatch. It’s free to use, up to 3 assessments.