SECURITY
SECURITY
SECURITY
City of Tulsa forced to shut down systems following a ransomware attack
The City of Tulsa, Oklahoma, has been struck by a ransomware attack that has forced it to shut down systems including online services.
The ransomware attack was detected on Friday and the city said today in a statement on Facebook that it had shut down various servers, internal programs and the city’s email system out of an abundance of caution.
Although it didn’t provide details on the form of ransomware attack, the city claims that no customer information had been compromised. Emergency services through 911 were not affected and the city has implemented various manual processes as an interim measure.
Tulsa’s websites were mostly offline as of about 9:45 p.m. EDT today, with a message on the main page claiming that they are “currently down for maintenance.”
Ransomware attacks targeting municipalities, cities and other local and state governments have been multiplying for years. In a similar case in late April, the Resort Municipality of Whistler in British Columbia, Canada, was struck by ransomware, also causing it to suspend the majority of its services.
The ransomware attack targeting Whistler was a double-tap ransomware attack in that both files were encrypted and data stolen, a form of ransomware attack that has become typical in recent times. Tulsa’s claim that no customer information has been stolen should be taken with a grain of salt, since it would be surprising if at least some data wasn’t stolen in the attack.
“Ransomware continues to be a prolific threat to our local, state and federal governments, as well as essential critical infrastructure like we have seen with the recent Colonial Pipeline attack,” James Carder, chief security officer at security intelligence company LogRhythm Inc. and vice president of LogRhythm Labs, told SiliconANGLE. “Unfortunately, governments will continue to be sought-after targets for hackers because of the public nature and significant impact, the plethora of rich information that can be leveraged, and the often-inferior defenses that allow easy exploitation.”
Government entities need to recognize that the possibility of a ransomware attack is only increasing with time and take decisive steps to prepare for them, Carder added. “The attacks we have seen over the last 72 hours are a marked escalation to what was an already major threat,” he said.
Photo: Caleb Long/Wikimedia Commons
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
