New Orleans Mayor LaToya Cantrell declares a state of emergency following a barrage of phishing attacks hitting the Louisiana city.
The suspicious activity was detected at around 5am on Friday 13th December, with a spike in attempted cyber attacks at 8am. According to the city’s Chief Information Officer, Kim LaGrue, they had detected phishing attempts and ransomware.
At 11am staff were ordered to shut down their servers and computers, switch off WiFi on all devices and revert to pen and paper. A state of emergency was then declared with the Civil District Court by city authorities and local, state and federal officials are currently investigating the incident.
Although ransomware was detected and IT staff are working to recover data from the attack, no ransom demands have been made as of yet.
The strain and origin of the ransomware attack are still unknown, but Mayor LaToya Cantrell said that some 4,000 computers may need to be scrubbed before resuming regular operation.
The City remains actively involved in recovery efforts related to the cyber-security incident last Friday, and individual agencies and departments will be impacted in various waysLaToya Cantrell – Mayor of New Orleans, Louisiana
Due to the attack, as of Monday 16th December, the New Orleans government website nola.gov is down, with the following temporary website in place:
This is yet another link in a long chain of city-wide cyber-attacks seen across the US, with large-scale attacks seen in Baltimore and Pensacola before it.
New Orleans has responded well to the incident, with damages still reported as minimal.
Yet again, we are faced with a glaring necessity for users to be trained in spotting phishing emails. With so many phishing campaigns targeting the public sector and causing serious damage, it is no longer acceptable to provide once-a-year or even less frequent cyber security training.
With solid security awareness training and simulated phishing, organisations can reduce their users’ susceptibility to clicking on phishing emails (their ‘Click-Prone® %’) by up to 90%. There is no other security hardware or software that provides such a reduction to an organisation’s cyber threat surface in a more affordable package.
At Phishing Tackle, we work hard to develop the tools our customers need to spot phishing attacks and increase their cyber-awareness. We have even created a free tool to reveal how many of your users will click on a phishing email, try it out here: Free Click-Prone® Test
Whether a large-scale public sector organisation or a small business with under 10 employees, phishing will find their way into your users inbox.
When they do, make sure your users are trained to spot them.