New Orleans Suffers Friday the 13th Ransomware Attack

Brian Thomas | December 17, 2019

Friday the 13th of December proved to be a cybersecurity nightmare for the city of New Orleans -- and it’s not over yet. At around 5.00 a.m., “suspicious activity”, including evidence of both ransomware and phishing, was detected on the City’s network. Activity progressed throughout the morning until 11.00 a.m., when a cybersecurity incident was confirmed.

In response, the City took a significant precautionary measure, ordering its employees to disconnect from Wi-Fi, power-down all computers and servers, and unplug their devices - causing major disruption to government services, although emergency 911 services remain unaffected. The City also declared a state of emergency and both state and federal investigations have been launched into the incident. 

Alarm bells have been ringing for some time

The attack on New Orleans is a particularly bitter pill to swallow for the State of Louisiana, given that it comes hot on the heels of two significant cyberattacks in that state just this year.

In July 2019, a cyberattack on Louisiana’s school systems led to the issuance of a statewide emergency declaration, while a ransomware attack on the Louisiana Office of Motor Vehicles in November shuttered state servers, online services, and email.

The New Orleans incident also follows a recent “high-impact” cyberattack warning from the FBI alerting organizations and businesses nationwide that, while ransomware attacks are declining in frequency, hackers are looking to maximize damage with new advanced ransomware strategies

In more bad news, attackers are also concentrating their focus on organizations with a prevalence of known cybersecurity vulnerabilities, such as government, healthcare, and utilities. State and local governments are particularly vulnerable to cyberattacks, writes TechCrunch, since they’re often “underfunded and unresourced, and unable to protect their systems from some of the major threats.”

Government organizations can’t afford to drop their guard

Cleaning up after a cyberattack is a significant undertaking, but the work doesn’t stop there. As the attacks on and within the State of Louisiana prove, clearing one hurdle doesn’t mean the next won’t follow on its heels.

Threats are evolving and new vulnerabilities are always emerging, but hackers may also be keeping an eye on how states and cities respond to cyberattacks, exploiting lessons learned to their own advantage. Knowing how one jurisdiction has hardened its systems in response to an attack gives threat actors a pretty good idea of how to find a way around similar defenses somewhere else.  

Managing cybersecurity risk in an age of pervasive cyber threats

As the New Orleans attack proves, government organizations are vulnerable. And it’s a disturbing trend. The Big Easy joins the ranks of Baltimore, Pensacola, and more than 70 state and local governments who suffered ransomware attacks in 2019.

Such attacks can be devastating for the communities and jurisdictions involved. They can cost millions in disaster recovery costs and cause untold disruption as IT departments and government leaders scramble to respond, with little recourse but to shut down entire systems.

So how do government leaders better manage cybersecurity risks, so that scenarios like these don’t occur?

With limited resources to protect their environments, it’s critical that focus is placed on the areas that will have the greatest impact on the organization’s overall security posture. However, pinpointing exactly where the greatest risk is can be challenging. Cities, counties, and states are made up of complex interconnected systems and testing the effectiveness of security controls across these vast networks, such as whether a firewall is properly configured, isn’t easy. Audits can help, but they are costly and represent a point in time view into risks and vulnerabilities.

That’s where tools such as BitSight Security Ratings can help. With BitSight, organizations can gain a complete and continuous data-driven picture of their cybersecurity posture. With Security Ratings, government security teams can gain unprecedented visibility into key risk vectors (such as unpatched systems or insecure access points), calculate and prioritize that risk, and provide continuous monitoring so that no vulnerability goes unchecked.

With this broader understanding of cybersecurity effectiveness, governments can more effectively identify the most pressing and urgent threats to their networks, make confident and informed decisions about where to focus security resources – and, ultimately, stay one step ahead of nimble threat actors.

bitsight security ratings report

Suggested Posts

Market-Changing Research Reveals Link Between Strong Cybersecurity and Stock Price

One of the biggest questions in cybersecurity now has an answer… and the implications are significant for investors, policymakers, corporate executives, and cybersecurity professionals alike. 


5 Ways to Transform Your Security Program

Between difficulty communicating with boards and executives, decreasing budgets, and difficulty measuring how exactly risk was being reduced, security leaders are under pressure to change the way they do things. The situation for security...


What Companies Using Cloud Services Need To Know About Their Risk Responsibilities

Cloud computing is not new to the cyber world; it’s here to stay. Web services are common in our everyday lives and workplaces, with things like Facebook, Salesforce, JIRA, Adobe, and GSuite all falling into the cloud-based category. But...


Subscribe to get security news and updates in your inbox.