New Orleans Suffers Friday the 13th Ransomware Attack

New Orleans Suffers Friday the 13th Ransomware Attack

Friday the 13th of December proved to be a cybersecurity nightmare for the city of New Orleans -- and it’s not over yet. At around 5.00 a.m., “suspicious activity”, including evidence of both ransomware and phishing, was detected on the City’s network. Activity progressed throughout the morning until 11.00 a.m., when a cybersecurity incident was confirmed.

In response, the City took a significant precautionary measure, ordering its employees to disconnect from Wi-Fi, power-down all computers and servers, and unplug their devices - causing major disruption to government services, although emergency 911 services remain unaffected. The City also declared a state of emergency and both state and federal investigations have been launched into the incident.

Alarm bells have been ringing for some time

The attack on New Orleans is a particularly bitter pill to swallow for the State of Louisiana, given that it comes hot on the heels of two significant cyberattacks in that state just this year.

In July 2019, a cyberattack on Louisiana’s school systems led to the issuance of a statewide emergency declaration, while a ransomware attack on the Louisiana Office of Motor Vehicles in November shuttered state servers, online services, and email.

The New Orleans incident also follows a recent “high-impact” cyberattack warning from the FBI alerting organizations and businesses nationwide that, while ransomware attacks are declining in frequency, hackers are looking to maximize damage with new advanced ransomware strategies.

In more bad news, attackers are also concentrating their focus on organizations with a prevalence of known cybersecurity vulnerabilities, such as government, healthcare, and utilities. State and local governments are particularly vulnerable to cyberattacks, writes TechCrunch, since they’re often “underfunded and unresourced, and unable to protect their systems from some of the major threats.”

Government organizations can’t afford to drop their guard

Cleaning up after a cyberattack is a significant undertaking, but the work doesn’t stop there. As the attacks on and within the State of Louisiana prove, clearing one hurdle doesn’t mean the next won’t follow on its heels.

security ratings snapshot example

Request your free Security Rating Snapshot to find the gaps in your security program and how you compare to others in your industry.

Threats are evolving and new vulnerabilities are always emerging, but hackers may also be keeping an eye on how states and cities respond to cyberattacks, exploiting lessons learned to their own advantage. Knowing how one jurisdiction has hardened its systems in response to an attack gives threat actors a pretty good idea of how to find a way around similar defenses somewhere else.

Managing cybersecurity risk in an age of pervasive cyber threats

As the New Orleans attack proves, government organizations are vulnerable. And it’s a disturbing trend. The Big Easy joins the ranks of Baltimore, Pensacola, and more than 70 state and local governments who suffered ransomware attacks in 2019.

Such attacks can be devastating for the communities and jurisdictions involved. They can cost millions in disaster recovery costs and cause untold disruption as IT departments and government leaders scramble to respond, with little recourse but to shut down entire systems.

So how do government leaders better manage cybersecurity risks, so that scenarios like these don’t occur?

With limited resources to protect their environments, it’s critical that focus is placed on the areas that will have the greatest impact on the organization’s overall security posture. However, pinpointing exactly where the greatest risk is can be challenging. Cities, counties, and states are made up of complex interconnected systems and testing the effectiveness of security controls across these vast networks, such as whether a firewall is properly configured, isn’t easy. Audits can help, but they are costly and represent a point in time view into risks and vulnerabilities.

That’s where tools such as Bitsight Security Ratings can help. With Bitsight, organizations can gain a complete and continuous data-driven picture of their cybersecurity posture. With Security Ratings, government security teams can gain unprecedented visibility into key risk vectors (such as unpatched systems or insecure access points), calculate and prioritize that risk, and provide continuous monitoring so that no vulnerability goes unchecked.

With this broader understanding of cybersecurity effectiveness, governments can more effectively identify the most pressing and urgent threats to their networks, make confident and informed decisions about where to focus security resources – and, ultimately, stay one step ahead of nimble threat actors.