New Orleans’ State of Emergency For Cyberattack, All Signs Point To Bitcoin Ransomware Ryuk
On the morning of December 13th, New Orleans officials have reported suspicious activities that are more related to phishing. The attack came 3 hours later, shutting down the computers and servers that have been affected.
A declaration of a state of emergency has been filed with the Civil District Court in connection with today’s cyber security event. pic.twitter.com/OQXDGv7JS4
— The City Of New Orleans (@CityOfNOLA) December 13, 2019
City Officials Saying Services Are Still Operating
New Orleans officials say the city’s services are still operating, even with the situation is problematic like this. They have reported that the EMS, police, and fire department are still operating even when the city’s internet network is down. However, it has been decided that building inspections have to be done the old fashioned way, by hand until the situation becomes resolved. Collin Arnold, the director of New Orleans’ homeland security, stated the offices are now dealing with any situation by using paper and pens.
He added the city has a crime center that operates in “real-time crime center” and runs New Orleans’ network, while cameras are recording activities independently. Today, LaToya Cantrell, the mayor of New Orleans, said on Twitter many departments and city agencies are still under the influence of the latest attack.
Traces Lead to Ryuk
A report released by BleepingComputers reveals that someone used an US IP address to upload suspicious executables memory dumps to the VirusTotal scanning service, only one day after the attack. Colin Cowie, the cybersecurity researcher, said many of these files were referring to New Orleans and the Ryuk ransomware, leading BleepingComputers to believe Ryuk is the one responsible for the attack.
Ryuk Encrypts Data and Offers the Decryption Tool in Exchange for Bitcoin
Ryuk is known for encrypting data and demanding Bitcoin (BTC) payments for the decryption tool. The minds behind it are infecting many machines with trojans, just to ask for a ransom. Over 2019, many oil refineries owned by the state, governmental institutions, schools and hospitals have been attacked by Ryuk, with the ransom amounts being determined by the target’s worth. However, it’s not yet sure if Ryuk has anything to do with the New Orleans case, nor how much the attackers are asking for.