SECURITY
SECURITY
SECURITY
City of Oakland declares state of emergency after ransomware attack
The City of Oakland, California, has declared a state of emergency after a ransomware attack on Feb. 8 knocked some of its information technology systems offline.
The state of emergency was declared “due to the ongoing impacts of the network outages resulting from the ransomware attack” and allows the city to “expedite the procurement of equipment and materials, activate emergency workers if needed, and issue orders on an expedited basis.”
The form of ransomware used in the attack has not been disclosed. The attack did not affect 911 services, including fire resources, but certain non-emergency systems have been taken offline while the city works to secure and restore services. Services offline include the ability for the city to collect payments, process reports and issue permits and licenses — so maybe the ransomware attack wasn’t that bad after all.
According to an update from the City of Oakland earlier today, the city has ticked off the standard ransomware response list: hiring a third-party forensics firm and working with law enforcement.
Ransomware attacks targeting local governments are not new. Local government is often seen as low-hanging fruit by hackers because of poor cybersecurity practices. In 2019, 23 local governments in Texas were crippled by a coordinated ransomware attack, with those affected refusing to pay the ransoms demanded by those behind the attacks.
“The ransomware incident affecting Oakland underscores a harsh reality that every governmental agency must confront: A ransomware attack isn’t just a remote possibility but rather a likely imminent event,” Erfan Shadabi, cybersecurity expert with data security specialists comforte AG, told SiliconANGLE. “The major objectives of the threat actors behind these attacks are to be able to halt operations, encrypt crucial operational data, and generally cause havoc in the provision of governmental services.”
Sean McNee, vice president of Research at DomainTools LLC, said it’s frustrating to see bad actors targeting infrastructure critical to people’s lives, such as hospitals, higher education, and, in this case, local government.
“Getting operations back up and running quickly becomes top priority, and could unfortunately mean having to pay the ransomware authors,” McNee added. “This tension is why local governments are attractive to bad actors. Paying the ransom or recovering from the attack diverts critical resources from government budgets which should be used to improve their constituents’ lives.”
Photo: Joseph/Flickr
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
