New Orleans City Government Hit By Ransomware Attack

Early indications are that the city was hit with a ransomware attack, though no requests or demands appear to have been made of the city as of late afternoon Friday, according to Mayor LaToya Cantrell.

The city of New Orleans powered down its servers and instructed employees to unplug their computers and disconnect from Wi-Fi following an apparent ransomware attack Friday.

The city first detected suspicious activity on its network indicative of a potential cyberattack Friday morning, according to the New Orleans emergency preparedness campaign Twitter account. As a result of the city powering down its servers and employees powering down their computers, all Nola.gov websites are down, according to the city.

Early indications are that the city was hit with a ransomware attack, though no requests or demands appear to have been made of the city as of late afternoon Friday, according to Mayor LaToya Cantrell at a press conference late Friday afternoon. There are no indications that any city information has been compromised, and the city isn’t sure who’s behind the cyberattack, Cantrell said on Friday.

[Related: 5 Emerging Cybersecurity Trends To Watch In 2020]

An internal investigation began into unusual activity at 5 a.m. CT Friday, and confirmed that an attack had occurred at 11 a.m. CT Friday, city officials said at the press conference. City employees reported phishing attempts and other suspicious activity to the city’s IT department Friday morning, according to city officials. The city doesn’t believe employees interacted or provided any information to the adversaries, city officials said.

The city said it has activated its Emergency Operations Center, and is working with cybersecurity resources from the Secret Service, FBI, Louisiana State Police, and Louisiana National Guard. Emergency communications are not affected, the city said, and the police department, fire department, and EMS personnel should be able to respond to emergencies as normal.

The city’s department heads were pictured briefing Mayor LaToya Cantrell on the cyberattack at 3:15 p.m. CT Friday, and the city held a press conference on the cyberattack late Friday afternoon. Citizens looking to submit a non-emergency 311 request are able to do so by visiting nola311.org rather than nolagov.311.

Emergency officials said during the press conferences the city is prepared to respond to serious events without having to rely on digital technologies. Specifically, they said the city’s street cameras are still recording, and footage from those cameras can be obtained manually even though the city’s internet connection is down.

The New Orleans cyberattack occurred four months after ConnectWise Control remote access tool was used to seed the endpoints in a devastating ransomware attack that resulted in portions of 22 Texas town and county networks being locked behind encryption keys. The Texas towns and counties hit by ransomware were all receiving products and services from Rockwell, Texas-based MSP TSM Consulting.

Also in August, the Rockville Centre school district in Long Island, N.Y., paid almost $100,000 to restore its data after being hacked with a ransomware virus that encrypted files on the system’s server. The Nassau County district was among several statewide targeted by a ransomware virus.