Listen to this article here
The City of Tulsa is changing its password following an IT breach that infected its network infrastructure with malicious software. A ransomwareC threat caused the City of Tulsa to shut down nearly its entire network of sites and all online services, including payment options for bills and services.
Tulsa Police Department, in a Facebook post, noted that no personal information had been breached, and that several Tulsa websites were being repaired and updated following the attack. Tulsa Mayor GT Bynum insisted that the city’s emergency services were not disrupted during the breach.
Hack brings down city websites
Meanwhile, despite downplaying the hack, websites for the City of Tulsa, the Tulsa City Council, and Tulsa Police are all down for “maintenance.” The City insists that when the sites return, they will be more secure and less easily attacked by bad actors.
Over the weekend, the city alerted online security authorities of the malware attack. Security services are working to identify the source, with support from external experts who are working to reverse the loss of data. The online service shutdown was initiated in order to prevent the spread of further malware.
String of hacks across cities
Tulsa is not the first major city to be hit by a cyber attack. Atlanta, Albany, Knoxville, and New Orleans have all experienced breaches in their citywide online security services. This has led to the US Council of Mayors to unite and speak out against cities for paying the ransom demanded to stop the attacks.
A C-Net article from 2 years ago explains ransomware attacks as, “[using] malware to lock out users unless the hackers get paid, usually with bitcoin. Cities have been picked off one by one, with seemingly little recourse. They’ve been prime targets for ransomware attacks because cities can’t afford to let certain services remain frozen.” In its statements, the City of Tulsa did not mention the specific hackers nor the ransom cost.
Tulsa Mayor GT Bynum confirmed the malware hack first appeared on April 21, nearly 3 weeks ago. He did not state why the city did not publicly announce the attack at that time, nor confirm how long the ransomware has been present to infect city services.