LAWTON – The City of Tulsa shut down its computer network earlier this month as a security precaution after an attempted ransomware attack, and the City of Lawton can sympathize: been there, done that.
A City of Tulsa spokesman said the attempted breach was interrupted before any personal data could be accessed.
One consequence of the shutdown – which city officials said could last several more days to approximately a month – is that most Tulsa residents were unable to pay their water bills either online or in person. The city cannot process credit or debit cards because its computers are inoperable, officials lamented.
Lawton’s municipal computer system was hacked in August 2017 and was down for several days. The intrusion might have occurred through email, but the type of intrusion was never identified, although the breach was not a ransomware attack, Community Relations Director Tiffany Martinez Vrska said.
The intrusion was discovered via service requests, she said.
City personnel upgraded the infrastructure “to include private and public cloud-based delivery systems, antivirus, filters, intrusion detection software and hardware, and biannual intrusion testing,” Vrska said.
While municipal systems were inaccessible, the various city departments “utilized the business continuity plans applicable to their areas, which in some cases included reverting to paper systems,” Vrska said.
Tulsa detected malware in its network on May 6; it was the 33rd local government in the U.S. to be victimized by a ransomware attack this year, according to a threat analyst at the security firm Emsisoft. Tulsa Mayor G.T. Bynum said federal investigators are assisting the city.
A pipeline that daily transports more than 100 million gallons of gasoline and jet fuel from Houston to the southeastern United States and as far as New York Harbor was shut down May 7 by a ransomware attack.
Approximately 5,500 miles of Colonial Pipeline were idled by the electronic breach.
The CEO confirmed later that in order to regain control of their computer systems, Colonial paid $4.4 million in bitcoin ransom payments to an eastern European cybercriminal gang known as DarkSide.