It is true; the world as we know it now and the world that the future generation know is starting to become connected in an intricate web of networks known as the internet. From individual citizens to private businesses, to cities, to the national government, every single unit is basically, in one way or another, online. That is why ill intent individuals and organizations exploit the internet for their benefit. And one of the most notorious methods that cybercriminals used in gaining popularity in recent months – ransomware.
Ransomware is a cyber attack where hackers infect a computing system with an anomaly or a bug to gain access and control and ask for demands like money to solve the crisis. Ransomware has become extraordinarily popular in the last few months, making it one of the most prolific forms of a cyber attack. In one instance, a ransomware attack has crippled the operation of a city government with just a single attack.
On March 30, the social services in the city of Albany, New York was temporarily paralyzed following a ransomware attack that affected the city’s central servers. According to a press release available on the official site of the city, all city services were open to the public except birth certificates, death certificates, and marriage certificates.
“The City of Albany has experienced a ransomware cyber attack. We are currently determining the extent of the compromise. We are committed to keeping you informed and will provide updates as they become available,” posted by Albany Mayor Kathy Sheehan following the discovery of the attack.
A swath of ransomware has been terrorizing different corporation and government systems around the world in recent weeks. Norsk Hydro, one of the biggest aluminum producers worldwide, was previously forced to shut down a part of its manual operations because of a cyber attack that targeted its computer systems and internal servers. After an investigation regarding the incident, it was concluded that a LockerGoga ransomware attacked the company.
Furthermore, a few weeks prior the Albany attack, the parking garage computer system of the Canadian Internet Registration Authority (CIRA), a non-profit organization managing the .ca country code top-level domain (ccTLD) and represents the Canadian domains internationally, was infiltrated by a ransomware attack that allowed employees (and practically anyone) to use a parking space for free. According to the experts that investigated the incident, the attack was carried out using a strain from the Dharma ransomware family.
According to a recent report by the cybersecurity firm Recorded Future, the city of Albany is only one of the government agencies, law enforcement, and schools that have recently been target by ransomware. They reported that at least 170 government systems have been attacked since 2013 and there have already been 21 attacks so far this year.
To make matters worse, according to Recorded Future, 2019 is on its way to tally the highest number of ransomware against cities ever. The organization notes that the lack of transparency and accountability may hide some other attacks, and there could be more that’s unknown to the public.
While being attacked is a consequence of taking cities and organizations online, the researchers were unable to determine whether there is a direct correlation between the two. Nonetheless, they stressed that the growing number of ransomware attacks against government institutions is a problem that needs immediate solving.
“We see with cities coming online in every respect so that when ransomware takes them offline, how much it affects constituents,” Recorded Future’s Allan Liska told Gizmodo. “Atlanta had everything in the ‘smart city,’ so even court systems were taken offline, no one could pay anything through the city because the systems were taken offline.”
The researchers have called for immediate action from both the Federal Bureau of Investigation and the Department of Homeland Security to resolve the problem and stop cybercriminals from sending ransomware to cities and agencies.
“As the cities become smarter, more and more people expect this, and it becomes an extension of what we consider infrastructure,” Liska said. “These online methods will become the only way to accomplish certain tasks, which means these attacks will have more impact. From what we’re seeing, the attacks are only going to increase.”