The City of Oakland, California, has declared a state of emergency after a ransomware attack on Feb. 8 knocked some of its information technology systems offline.

The state of emergency was declared “due to the ongoing impacts of the network outages resulting from the ransomware attack” and allows the city to “expedite the procurement of equipment and materials, activate emergency workers if needed, and issue orders on an expedited basis.”

The form of ransomware used in the attack has not been disclosed. The attack did not affect 911 services, including fire resources, but certain non-emergency systems have been taken offline while the city works to secure and restore services. Services offline include the ability for the city to collect payments, process reports and issue permits and licenses — so maybe the ransomware attack wasn’t that bad after all.

According to an update from the City of Oakland earlier today, the city has ticked off the standard ransomware response list: hiring a third-party forensics firm and working with law enforcement.

Ransomware attacks targeting local governments are not new. Local government is often seen as low-hanging fruit by hackers because of poor cybersecurity practices. In 2019, 23 local governments in Texas were crippled by a coordinated ransomware attack, with those affected refusing to pay the ransoms demanded by those behind the attacks.

“The ransomware incident affecting Oakland underscores a harsh reality that every governmental agency must confront: A ransomware attack isn’t just a remote possibility but rather a likely imminent event,” Erfan Shadabi, cybersecurity expert with data security specialists comforte AG, told SiliconANGLE. “The major objectives of the threat actors behind these attacks are to be able to halt operations, encrypt crucial operational data, and generally cause havoc in the provision of governmental services.”

Sean McNee, vice president of Research at DomainTools LLC, said it’s frustrating to see bad actors targeting infrastructure critical to people’s lives, such as hospitals, higher education, and, in this case, local government.

“Getting operations back up and running quickly becomes top priority, and could unfortunately mean having to pay the ransomware authors,” McNee added. “This tension is why local governments are attractive to bad actors. Paying the ransom or recovering from the attack diverts critical resources from government budgets which should be used to improve their constituents’ lives.”

Photo: Joseph/Flickr