Since Friday December 13, New Orleans, Louisiana, has been in a state of emergency. IT administrative services are no longer functioning and officials have had to return to paper and pencil, including the police. The emergencies are working but the town hall site is no longer responding, it only allows you to pay your fines. Justice postpones hearings, etc.
Once again, the problem comes from ransomware, a program that blocks computers and demands a ransom, usually in cryptocurrency. Here, the malware appeared to have arrived via a phishing campaign, according to the mayor of New Orleans. Employees received an email from a seemingly trusted source, with an attachment. One of them clicked … and presto.
Accidents of this type are increasing. Other American cities have been affected since last year, such as Baltimore (Maryland), Atlanta (Georgia), Pensacola (Florida), Jackson County (Georgia) as well as small towns in Texas and the state of Louisiana whole, last November. Ditto in France: the city of Cognac and the Rouen University Hospital were affected, a few weeks ago, by similar malicious programs.
Let’s remember that these are not targeted attacks but indiscriminate attacks via mass email campaigns, which take their toll among the most vulnerable organizations. Either because they do not have effective IT security systems, or because they have old software that is not updated and has security vulnerabilities, or again due to bad practices on the part of employees, not aware enough.
However, we should not throw a stone at the users because phishing is becoming more and more sophisticated and everyone can be deceived. It is therefore necessary, more than ever, to be extremely vigilant. Especially since this will not work out in 2020.