City of Tulsa hit by ransomware over the weekend
The city of Tulsa, Oklahoma, one of the 50 largest cities in the US, has been hit by a ransomware attack over the weekend that affected the city government's network and brought down official websites.
The attack, which took place on the night between Friday and Saturday, is currently being handled by the city's IT team, which have managed to restore the city's websites, a spokesperson told The Record.
IT teams are still working to recover impacted systems from backups.
The attack is believed to have impacted only a small portion of the city's network. The intrusion could have had much more severe consequences if it had hit the city during a working day when most computers would have been turned on.
Staff hope to have at least a part of the city government's computers up and running before employees arrive to work on Monday and restore full services during the coming week, Michelle Brooks, Communications Director for the city of Tulsa, said in a press release.
Tulsa, which is currently the 47th biggest city in the US based on population size, is just the latest in a long list of US cities that have suffered a ransomware attack.
While most incidents have previously hit smaller cities, ransomware gangs have sometimes also managed to infect the network of a larger metropolitan area, with the largest incidents being reported in Atlanta, Baltimore, Denver, Knoxville, and New Orleans.
The city of Las Vegas could have also joined the list, but its IT team narrowly avoided falling victim to an attack in January 2020.
In July 2019, after years of ransomware attacks against US cities, the US Conference of Mayors unanimously passed a resolution calling on local officials to stop paying ransomware demands to cybercriminal gangs who were taking over their networks.
Despite the resolution, many cities ended up paying huge ransom demands after being faced with losing important data, or after ransomware gangs threatened to leak sensitive user data on the dark web.
Last month, a coalition of public and private organizations and government agencies put their backing into a series of recommendations and a group called the Ransomware Task Force, aimed at fighting the current spike in ransomware attacks. Their 80-page report, backed by the Justice Department, was submitted to the Biden administration seeking the White House's official regulatory support for a broader crackdown against ransomware operators.
Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.