Four U.S. cities were hit with ransomware in December, capping off a year of cyberattacks that one cybersecurity firm called an "unprecedented and unrelenting barrage." The malicious software that hijacks computers and encrypts files snarled essential government services in Pensacola, Florida; New Orleans, Louisiana; Galt, California; and St. Lucie, Florida.
Pensacola government telephone and email systems, internet servers, and the online payment system at the sanitation department and Pensacola Energy were rendered inoperable state of emergency was declared in New Orleans after ransomware infected city servers and computers on December 13. In Galt, a suburb of Sacramento, city email and telephone systems were knocked offline on December 16. And on December 17, the St. Lucie County Sheriff's office was knocked offline, including the sheriff's office email server and the fingerprinting and background check systems.on December 7. A
It's not clear which groups were responsible for any of the December attacks, though a group called MAZE claimed responsibility for the Pensacola hack.
In a typical ransomware attack, victims are sent a letter demanding a cryptocurrency payment in exchange for a digital key that will decrypt infected computers. The hackers who claimed responsibility for attacking Pensacola demanded a $1 million ransom. It is unclear if the city paid the hackers, but according to the Pensacola News Journal, the city did pay consulting firm Deloitte $140,000 to investigate the attack.
The city of New Orleans has not disclosed if it received a ransom letter. Officials indicated that the city would bounce back, but said recovery could be slow and costly.
"One positive about being a city that has been touched by disasters," New Orleans' homeland security director Collin Arnold said during a press conference. "Our plans and our activities reflect the fact that we can operate without the internet and without a city network."
While there is little indication of how much the ransomware attack will eventually cost the city, cybersecurity experts at Emsisoft, a firm that specializes in monitoring ransomware, compared the New Orleans incident to a similar ransomware attack that occurred in Baltimore in May. That attack has cost the city over $18 million.
The recent spate of municipal cyberattacks are part of a growing trend of ransomware attacks targeting government. In 2019, ransomware hit 103 federal, state and municipal agencies, 759 healthcare providers, and 86 schools and universities, Emsisoft said in a report that described the "unprecedented and unrelenting barrage" of attacks.
"Ransomware incidents increased sharply in 2019 due to organizations' existing security weaknesses and the development of increasingly sophisticated attack mechanisms specifically designed to exploit those weaknesses," Emsisoft said in the report. "Combined, these factors created a near-perfect storm."
"A lot of these organizations don't have the money for proper cyber-defense or to update their software, which makes them easy targets and low hanging fruit," said Emsisoft spokesperson Brett Callow.