Municipalities in US, Spain dealing with outages from cyberattacks

Hackers continue to train their sights on municipalities around the world, this time hitting several targets in the U.S. and Spain in recent weeks.

In the U.S., Tennessee's Germantown announced a ransomware attack on Friday afternoon that impacted internal on-site servers. On Monday, the city of 41,000 — about 30 minutes from Memphis — said it has been able to restore its office phone lines. Some WiFi at government-run facilities is still down.

After city officials first got word of the incident at 6 a.m. on Friday, the town’s “cybersecurity malware system was immediately triggered to limit damage,” they said in a previous statement.

“Initial assessments indicate that data related to finance, utilities and payment information has not been compromised. Due to proactive measures, these systems are intentionally cloud-based and hosted off-site in order to minimize the impact of potential cybersecurity attacks,” they said.

“While the impact is minimal, access to service such as issuing permits and responding to public records requests may be delayed.”

The town did not respond to requests for comment about what exactly was on the servers that were impacted but the statement says the servers were “isolated” and all network computers were shut down. Temporary websites were created for utility and tax payments but the city noted they can also be paid in person at City Hall.

All fire and police services, including the city’s 911 system, are still functioning

The FBI is helping the town with the investigation and incident responders are assisting with the restoration effort.

After a 2023 stacked with devastating attacks on city, county and state-level governments, 2024 has already seen multiple incidents.

Fulton County — home to Atlanta — is still struggling to recover from a ransomware attack that caused countywide outages touching nearly every arm of the government.

Spain attacks

Two towns in Spain — Teo and Sant Antoni de Portmany — also announced incidents over the last week that have limited their ability to function and provide services.

The towns, both of which have fewer than 30,000 residents, contacted the National Cryptologic Center (CCN) for assistance alongside other law enforcement agencies.

Sant Antoni de Portmany, located on the island of Ibiza, said its ransomware attack was detected at midnight on Thursday and has already limited the work of city employees. Containment measures are being instituted while the scope of the attack is analyzed.

“IT equipment remains paralyzed and employees have been notified of action guidelines while the situation is analyzed and resolved,” the city said in a machine-translated statement.

“The City Council recommends that citizens call before attending in person, in order to confirm whether the procedures can be carried out or whether they can attend their appointment.”

Teo’s attack occurred on the afternoon of January 24 and has “paralyzed administrative activity in the following days.” The attack affected computers used in the social services offices and at the Teo Women's Information Center.

The city’s mayor and council are coordinating with state officials, the Spanish Data Protection Agency and national police agencies on the recovery effort.