Fraud Management & Cybercrime , Ransomware
Ransomware Attack Shuts Down Kansas City Systems
Phones, Wi-Fi, Digital Payments Are Among the Affected SystemsThe city administration of Kansas's largest city shut down IT systems and switched to cash transactions in the wake of a ransomware attack detected on Sunday.
See Also: Code Red: How KnowBe4 Exposed a North Korean IT Infiltration
Municipal officials from the city of Wichita said Tuesday that no timetable yet exists for the restoration of systems. The city will stagger the restoration of systems to "minimize disruptions," they said. Approximately 396,000 individuals reside inside city boundaries, according to U.S. Census figures.
The attack encrypted several city systems with malware, forcing officials to disconnect and shut down services to contain its spread. Public safety assistance and water systems are secure and functioning as normal. Public Wi-Fi is unavailable at some locations, including Wichita Dwight D. Eisenhower National Airport, where arrival and departure screens are also not working. Flights are operating normally. The city phone system is down, and the city is only accepting cash for court penalty payments and public transportation services.
The city said shutting down IT systems was "necessary to ensure that systems are securely vetted before returning to service."
First responders have switched to business continuity measures where necessary. The city is not disclosing the threat actors responsible for the attack for "operational security purposes," and is not disclosing what data they had access to.
The weekend hack comes days after a cyberattack launched during a heavy storm took down Kansas City Scout System, which provides real-time weather and traffic information to highway drivers.
The city's transparency in disclosing the latest ransomware attack is "incredibly important" to ensure timely response and is a sign that it is taking any impact on data seriously, said Malachi Walker, security adviser at DomainTools.
"Hopefully, that means that they have necessary backups in place to reduce the urgency in the demands of those behind this attack," he told Information Security Media Group.
Critical services have adopted digital transformation because it is more effective, collaborative and time-saving than the old pen-and-paper way of doing things, Colin Little, security engineer at Centripetal, told ISMG. "But a question that arises after these incidents is: How often and how recently have these business continuity services been tested before this event?"