The City of Tulsa, Oklahoma, has been struck by a ransomware attack that has forced it to shut down systems including online services.

The ransomware attack was detected on Friday and the city said today in a statement on Facebook that it had shut down various servers, internal programs and the city’s email system out of an abundance of caution.

Although it didn’t provide details on the form of ransomware attack, the city claims that no customer information had been compromised. Emergency services through 911 were not affected and the city has implemented various manual processes as an interim measure.

Tulsa’s websites were mostly offline as of about 9:45 p.m. EDT today, with a message on the main page claiming that they are “currently down for maintenance.”

Ransomware attacks targeting municipalities, cities and other local and state governments have been multiplying for years. In a similar case in late April, the Resort Municipality of Whistler in British Columbia, Canada, was struck by ransomware, also causing it to suspend the majority of its services.

The ransomware attack targeting Whistler was a double-tap ransomware attack in that both files were encrypted and data stolen, a form of ransomware attack that has become typical in recent times. Tulsa’s claim that no customer information has been stolen should be taken with a grain of salt, since it would be surprising if at least some data wasn’t stolen in the attack.

“Ransomware continues to be a prolific threat to our local, state and federal governments, as well as essential critical infrastructure like we have seen with the recent Colonial Pipeline attack,” James Carder, chief security officer at security intelligence company LogRhythm Inc. and vice president of LogRhythm Labs, told SiliconANGLE. “Unfortunately, governments will continue to be sought-after targets for hackers because of the public nature and significant impact, the plethora of rich information that can be leveraged, and the often-inferior defenses that allow easy exploitation.”

Government entities need to recognize that the possibility of a ransomware attack is only increasing with time and take decisive steps to prepare for them, Carder added. “The attacks we have seen over the last 72 hours are a marked escalation to what was an already major threat,” he said.

Photo: Caleb Long/Wikimedia Commons