The city government of Oakland, California was targeted by a ransomware attack on February 8th, with non-emergency services such as online payment of parking fines and taxes rendered inaccessible.
The city's systems for processing reports and issuing permits or licenses are also offline, and while 911 dispatch and fire emergency services were not affected, the police department has warned people of delayed response times. The attack has caused the closure of some of the city's buildings, and residents are being asked to email government offices before visiting, while phone lines redirect callers to recorded messages due to an influx of calls.
On February 14th, local officials declared a state of emergency to combat the effects of the attack, enabling them to purchase equipment and materials needed to restore government services, and to deploy emergency workers if necessary. The city's Information Technology Department is currently working with law enforcement and a leading forensics firm to investigate the scope and severity of the issue. While the details of the attack remain unclear, the city has promised to update the public when more information becomes available. Erfan Shadabi, cybersecurity expert with data security specialists comforte AG, shared how organizations can bolster their defenses against ransomware before their compromised:
“The ransomware incident affecting City of Oakland underscores a harsh reality that every governmental agency must confront: a ransomware attack isn’t just a remote possibility but rather a likely imminent event. The major objectives of the threat actors behind these attacks are to be able to halt operations, encrypt crucial operational data, and generally cause havoc in the provision of governmental services.
A better course of action other than relying on paying a ransom is to prepare for this eventuality with the following steps:
Back up your data regularly: Make sure you have a backup of all your important data and files on a separate device or cloud storage. Regularly backing up your data can help you recover quickly in case of a ransomware attack.
Train your employees on ransomware prevention: Educate your employees on how to identify and prevent ransomware attacks. This can include warning them about suspicious emails, not clicking on unknown links, and not downloading or installing unauthorized software.
And make sure to use data-centric security methods such as tokenization and format-preserving encryption protect the data itself rather than the environment around it. Even if hackers get their hands on data, they can’t blackmail organizations with the threat of imminent release of that data. And that’s what ransomware is all about—blackmail. Don’t let that happen to your organization. Accept the eventuality and prepare accordingly.”