New Orleans ransomware attack state of emergency

The City of New Orleans has declared a state of emergency following a cyber attack

Getty

The City of New Orleans has suffered a cybersecurity attack serious enough for Mayor LaToya Cantrell to declare a state of emergency.

The attack started at 5 a.m. CST on Friday, December 13, according to the City of New Orleans’ emergency preparedness campaign, NOLA Ready, managed by the Office of Homeland Security and Emergency Preparedness. NOLA Ready tweeted that "suspicious activity was detected on the City’s network," and as investigations progressed, "activity indicating a cybersecurity incident was detected around 11 am." As a precautionary measure, the NOLA tweet confirmed, the City’s IT department gave the order for all employees to power down computers and disconnect from Wi-Fi. All City servers were also powered down, and employees told to unplug any of their devices.

State of emergency declared by City of New Orleans

During a press conference, Mayor Cantrell confirmed that this was a ransomware attack. A declaration of a state of emergency was filed with the Civil District Court in connection with the incident.

NOLA Ready said that emergency communications had not been affected. Although the "Real-Time Crime Center" had been powered down, public safety cameras were still recording, and incident footage would be available if needed. The police and fire departments continued to operate as usual, and the ability to respond to 911 calls was not impacted.

Information is still scarce, while both the investigation, involving both State and Federal agencies, and the recovery process continue. It's not known what ransomware malware was used during the attack, and Mayor Cantrell has said that no ransom demand has been made at this point in time.

On October 2, the FBI issued a high-impact cyber-attack warning in response to attacks on state and local government targets. This warned that health care organizations, industrial companies, and the transportation sector were also being targeted. Meanwhile, the attacks against government targets continue.

Ransomware attacks against government targets

The ransomware attack that has hit New Orleans follows another that targeted the state of Louisiana in November. Louisiana school district computers were also taken offline, and a state of emergency declared, in response to a ransomware attack in July. It isn't yet known if the two were connected. However, in August, 23 government agencies were taken offline by a cyber-attack on the State of Texas. Which suggests that U.S. municipalities are firmly in the crosshairs of ransomware threat actors.

Colin Bastable, CEO of security awareness training company Lucy Security, said that "state and local government is woefully vulnerable to phishing-led hacking, primarily because CISOs focus on technological defenses when they should also be patching their colleagues with regular simulated ransomware attacks and security awareness training."

"The problem with ransomware attacks is that they are not always immediately apparent," Bastable said, "the attack can be undetected for a relatively long time before being triggered." The New Orleans attack could well have been "initiated in parallel with the recent Louisiana attack," according to Bastable.