Global public infrastructure hit by ransomware attacks

Power has been knocked offline in Johannesburg and three schools districts are compromised in Louisiana

The Governor of Louisiana has declared a state of emergency after a handful of school districts across the state were hit by a wave of ransomware attacks.

The IT networks of at least three school districts - Sabine, Morehouse and Ouachita - were taken down after the attack last week, with local files encrypted by a gang of cyber criminals. Governor John Edwards has, as a result, declared a statewide emergency while authorities probe whether other public services and government agencies may be at risk.

This is the first time the state has declared such an emergency and allows for a greater level of state resources to be dedicated to ongoing investigations. Cyber security experts from Louisiana National Guard, State Police and the Office of Technology Services are also being roped into helping local government agencies prevent any further data loss.

"The state was made aware of a malware attack on a few north Louisiana school systems and we have been coordinating a response ever since," Edwards said.

"This is exactly why we established the Cyber Security Commission, focused on preparing for, responding to and preventing cybersecurity attacks, and we are well-positioned to assist local governments as they battle this current threat."

Meanwhile, a power supplier based in the South African city of Johannesburg was also struck by a malware attack yesterday as citizens with prepaid metres were unable to buy electricity or upload invoices.

The ransomware virus encrypted all of City Power's databases, applications and its network, effectively leaving people facing blackouts that, in some cases, have lasted more than 12 hours. The city of Johannesburg-owned energy supplier is working to restore power to affected regions.

This, of course, also follows a significant attack on the city of Baltimore in May in which thousands of government computers were infected public services were rendered offline for more than two weeks. Recovery costs for the attack are estimated to exceed $18 million.

This comes at a time where organisations in the UK have experienced an explosion of ransomware attacks since the start of the year. So far in 2019, researchers learned there have been 2.4 million encrypted malware attacks, almost the same number as detected throughout the whole of 2018, 2.8 million.

Both attacks also highlight just how tempting a target national critical infrastructure can be to cyber criminals, especially given the public sector cannot always boast the same degree of security and expertise as private sector organisations.

The Ukranian 'black energy' crisis, in which a virus took down the country's power grid, is among the most famous examples of cyber criminals crippling critical national infrastructure.

The UK's Joint Committee on the National Security Strategy (JCNSS), meanwhile, warned that it's "impossible" to protect the UK's national critical infrastructure from the sort of rampant cyber attacks that have struck Louisiana and Johannesburg.

An increasingly complex security landscape and the government's own shortcomings in assessing how widely connected infrastructure is becoming has been touted as potentially leaving the UK exposed to a second WannaCry-style attack.

The WannaCry virus, which crippled the NHS especially, is perhaps the most prominent example of ransomware taking down critical public services and critical infrastructure in the UK. But the attack, which will cost 92 million from which to recover, was actually a non-targeted attack, with the health service was simply swept up in the chaos due to unpatched legacy systems.

Should the NHS be struck by a targeted attack, according to a white paper prepared by the Institute of Global Health Innovation (IGHI) earlier this month, the scale of the damage could be many times higher.

Featured Resources

How to be an MSP: Seven steps to success

Building your business from the ground up

Download now

The smart buyer’s guide to flash

Find out whether flash storage is right for your business

Download now

How MSPs build outperforming sales teams

The definitive guide to sales

Download now

The business guide to ransomware

Everything you need to know to keep your company afloat

Download now

Recommended

Cyber attacks on manufacturing up 300% in a year
Security

Cyber attacks on manufacturing up 300% in a year

11 May 2021
US fuel pipeline hackers reveal their motive
ransomware

US fuel pipeline hackers reveal their motive

11 May 2021
Trend Micro and Snyk team up to combat open source flaws
vulnerability

Trend Micro and Snyk team up to combat open source flaws

10 May 2021
Virtual desktops and apps for dummies
Whitepaper

Virtual desktops and apps for dummies

10 May 2021

Most Popular

KPMG offers staff 'four-day fortnight' in hybrid work plans
flexible working

KPMG offers staff 'four-day fortnight' in hybrid work plans

6 May 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

29 Apr 2021
How to move Windows 10 from your old hard drive to SSD
operating systems

How to move Windows 10 from your old hard drive to SSD

30 Apr 2021