It is always worrying when a city government is hit by a ransomware attack. That appears to be what happened to the New Orleans City Hall on December 13, 2019. According to the New Orleans Times-Picayune, workers were told a cyberattack had struck the city government.
The workers were told to turn off and unplug their computers. City websites were down. In addition, the New Orleans Police Department was also told to shut down their computer equipment and remove everything from the network. This is not the first time Louisiana has had this problem.
State government was hit by a ransomware attack last month, though it was able to restore its system without giving in to demands. Gov. John Bel Edwards declared a state of emergency, and the state Office of Motor Vehicles was hit especially hard, with many of its offices forced to close for several days.
In a press conference, Chief Information Officer Kim LaGrue said there was evidence of both phishing attempts and ransomware. No city employees reported providing login information in response to the emails, thanks to cybersecurity training that started in the fall of this year. It was unclear if ransomware had been installed or had begun to encrypt any city systems.
The odd thing about this situation is that, according to Mayor LaToya Cantrell, no requests for money had been made as a result of the ransomware attack.
Typically, thieves who use ransomware demand a specific amount of money, in a certain currency, to be delivered to them before a deadline. If the attacker wasn’t after money – what were they looking for?