Gary officials are remaining tight-lipped about a ransomware attack that struck some of the city’s computer system servers.
Michael Gonzalez, city spokesman, confirmed Thursday the city recently was struck by a ransomware attack. He declined to comment on when the attack began, how the ransomware was introduced to the system or the exact number of servers and computers impacted, citing the ongoing investigation. Gonzalez said the city has multiple servers and not all were affected.
Gonzalez also declined to comment whether the city has paid any money to regain control of its equipment, due to the investigation.
The city contacted the FBI and Department of Homeland Security when the attack was discovered. The agencies are handling the investigation, Gonzalez said.
“The best news is we are fixing the problem and doing it systemwide to make sure we ensure the integrity of the system,” Gonzalez said.
Three temporary IT workers have been hired to assist the city’s four-person IT team to rebuild every server and computer to ensure the equipment has been cleaned, the ransom ware fully removed and no Trojan horse programming remains, he said.
Gonzalez said he is unsure how long the rebuilding process will take but expects the work to be done soon. At no time was the city unable to conduct business as not all equipment was affected, but it did cause delays, he said.
“We will do our best to reduce the possibility of it happening again,” Gonzalez said.
Deputy Mayor Trent McCain declined to comment on the situation only saying the city is working with the FBI and Department Homeland Security as they investigate.
“The good news is we are rebuilding,” McCain said.
A cyberattack on a critical U.S. pipeline is sent ripple effects across the economy this week, highlighting cybersecurity vulnerabilities in the nation’s aging energy infrastructure when the Colonial Pipeline was attacked.
Colonial, which delivers about 45% of the fuel used along the Eastern Seaboard, shut down May 7 after a ransomware attack by gang of criminal hackers that calls itself DarkSide.
U.S. officials said Monday that the ransomware malware used in the Colonia attack didn’t spread to the critical systems that control the pipeline’s operations. S. officials said Monday that the “ransomware” malware used in the attack didn’t spread to the critical systems that control the pipeline’s operation, but instead caused a spree of panic buying throughout the South. The Consumer Product Safety Commission released a statement telling people to not use plastic bags for gasoline.
In September 2019, Lake County government was attacked. At the time, Lake County officials said they planned to increase cybersecurity, The attack shut down the majority of the county’s email server for more than two weeks.
Ransomware is a category of malware that encrypts computer files and documents “making them inaccessible until a ransom is paid,” said Christine Bavender, spokeswoman for the FBI Indianapolis, in an email at the time.
The FBI recommends not paying a hacker’s extortion demands because it “doesn’t guarantee an organization will regain access to their data,” Bavender said. In some cases, organizations never received a decryption key after paying ransom, she said.
“The payment of extortion demands encourages continued criminal activity, leads to other victimizations, and can be used to facilitate additional serious crimes,” Bavender said.
On July 6, 2019, LaPorte County experienced a ransomware attack that was “particularly insidious in that it jumped over all our firewalls and was able to penetrate backup servers,” said LaPorte County Commission President Vidya Kora in a news release then.
The FBI told LaPorte County officials that its decryption keys would not unlock the county’s data, so it had to pay the ransom, Kora said in the release.
The initial ransom amount was $221,000, but a negotiator helped LaPorte County officials decrease that price to approximately $132,300, which was paid in bitcoin, according to the release.
The Associated Press contributed.
Copyright © 2024, Chicago Tribune