The New Orleans Ransomware Attack can teach enterprises and local government IT teams about ransomware attacks. What happened during the New Orleans Ransomware Attack? What does it say about the future of cybersecurity?
Let’s review the facts and expert opinions.
The Facts About the New Orleans Ransomware Attack
The New Orleans Ransomware Attack began around 5 AM CST on Friday, December 13. According to the city’s head of IT, Kim LaGrue, the attack had elements of both phishing and ransomware. As a result, the city’s servers needed to be powered down; additionally, all employees were mandated to turn off their computers and disconnect from the city Wi-Fi.
Mayor Latoya Cantrell of New Orleans declared a State of Emergency because of the ransomware attack. Surprisingly, New Orleans did not receive a ransom from the ransomware attack; also, New Orleans seems to have taken attacks on other local governments as a warning. They had mechanisms and policies in place to work offline to prevent downtime, with emergency services still operating.
The state of Louisiana did suffer from a ransomware attack earlier in the year.
What the Experts Say
We got word from a few cybersecurity experts on what the New Orleans cyber attack means for observers.
Adam Laub serves as CMO at STEALTHbits Technologies.
“Modern ransomware variants are incredibly sophisticated and highly difficult to defend against. Gone are the spray and pray days of ransomware. Now it’s about complete compromise, where the ransom aspect is more so a demonstration of just how deep the compromise can become.”
Colin Bastable is the CEO of Lucy Security.
“The problem with ransomware attacks is that they are not always immediately apparent. The attackers may need to navigate from their initial point of entry—usually via phishing email—to the systems and data that they need to encrypt. The attack can be undetected for a relatively long time before being triggered. This attack may have been initiated in parallel with the recent Louisiana attack.”
“As we all know by now, state and local government is woefully vulnerable to phishing-led hacking, primarily because CISOs focus on technological defenses, when they should also be patching their colleagues with regular simulated ransomware attacks and security awareness trainings.”
Endpoint Security Can Help!
Thanks to these cybersecurity experts for their time and expertise! Ransomware can utterly devastate business workflows and can target businesses of all sizes. It isn’t just localized to city governments—an epidemic is just beginning!
To learn more about how to prevent and mitigate ransomware, check out our free Endpoint Security Buyer’s Guide. We cover the top solution providers and their key capabilities in detail!
Latest posts by Ben Canner (see all)
- The Best 7 LinkedIn Endpoint Security Groups You Should Join - January 23, 2020
- Cynet: Over 25 Percent of Alerts are Left Unattended on a Daily Basis - January 22, 2020
- FireEye Acquires Cloudvisory For Cloud Workload Security - January 21, 2020