On Feb. 8, 2023, the City of Oakland suffered a ransomware attack. It forced several city
systems to go offline. Fortunately, it did not affect emergency services. 911 and fire rescue
were still online.
Digital security experts investigated the incident. They assume the attack started with an
email that contained a malicious ransomware program. When a user clicks on a link or
attachment, the ransomware gets into the system and steals valuable data.
Reason for State of Emergency Declaration
Interim City Administrator G. Harold Duffey declared a state of emergency on Feb. 14, 2023. That allows city officials to fast-track procurement to address the situation. They can activate emergency workers faster, too.
Update From the City of Oakland
Not all details are known to date. But several non-critical systems reportedly went offline.
Some services also became unavailable, including the following:
- Report processing
- Payment collection
- Issuance of permits and licenses
A week after the attack, officials are working to put in place their recovery plans. The goal is to restore all affected systems to normal.
They have not announced who was responsible for the attack, though. No one has claimed
Ransomware Attacks on the Rise
Ransomware disables systems by encrypting files. It then gives the user a limited time to pay up or risk losing the files. It is easy to get the program into the computer. The challenge is getting paid.
Cybersecurity expert Ahmed Banafa noted that ransomware attacks are rising alongside the increasing use of cryptocurrency.
Hackers had limited options to get paid before cryptocurrency. Regular money transfers can lead to them. They need to provide banks with their data, like names and addresses. With cryptocurrency, they can receive payment privately. Police would have a hard time tracing it to the criminal.
These criminals also like to target the public sector. Unlike private companies, they cannot
justify high budgets for IT. Security experts in Emsisoft said that over 200 US public sector organizations received ransomware threats.
Education and healthcare industries are also vulnerable as they hold valuable data. Patient
details could be stolen and sold to others.
It takes weeks or months to recover from a ransomware attack. Some organizations could not afford that. It takes a lot of time and money to resume normal operations. The best course of action is to prevent an attack.
Security experts suggest having cybersecurity programs. They guard against malware and
But the best line of defense is knowledge. Companies can invest in employee training.
Employees should learn how attacks happen. That way, they can guard against potential
threats, keeping the organization and its critical data safe.