The city told its employees to shut down their computers as a precaution this weekend after an attempted cyberattack on Friday.
The news: New Orleans spotted suspicious activity in its networks at around 5 a.m. on Friday, with a spike in the attempted attacks at 8 a.m. It detected phishing attempts and ransomware, Kim LaGrue, the city’s head of IT, later told reporters. Once they were confident the city was under attack, the team shut down its servers and computers. City authorities then filed a declaration of a state of emergency with the Civil District Court, and pulled local, state, and federal authorities into a (still pending) investigation of the incident. The city is still working to recover data from the attack but will be open as usual from this morning, Mayor LaToya Cantrell said on Twitter.
Was it ransomware? The nature of the attack is still something of a mystery. Cantrell confirmed that ransomware had been detected, but the city hasn’t received any demands for ransom money.
The positives: New Orleans was at least fairly well prepared for this attack, thanks to training for this scenario and its ability to operate many of its services without internet access, officials told reporters.
A familiar story: New Orleans is just the latest government to face ransomware attacks, after nearly two dozen cities in Texas were targeted in August, plus Louisiana in November (causing the governor to declare a state of emergency). The phenomenon goes beyond the US, too: in October Johannesburg became the biggest city yet to face a ransomware attack.
Why are government authorities such juicy targets ? They usually lack the resources or know-how to adequately protect their systems, and often run machines on outdated, unpatched software. And of course, ransomware can be a lucrative business: some of the victims just pay up.
Sign up here to our daily newsletter The Download to get your dose of the latest must-read news from the world of emerging tech.