The December Cyberattack Against New Orleans has Cost the City $7 Million, So Far

• City officials suspected that the attack began when an employee clicked on a link in a phishing email and provided their credentials.
• The Mayor had declared a ‘state of emergency’ and confirmed that the city had suffered a ransomware attack.

The City of New Orleans has incurred a loss of $7 million, so far, to recover from a cyberattack incident that occurred in December 2019.

What happened?

On December 13, 2019, the city of New Orlean had reported the detection of suspicious activity on it’s network. According to the City of New Orleans’ emergency preparedness campaign, NOLA, the attack had started at 5 am. However, the activity was detected around 11 am. City officials suspected that the attack began when an employee clicked on a link in a phishing email and provided their credentials.

As a precautionary measure, the city’s IT department gave the order for all employees to disconnect from Wi-Fi and power down their computers. During a press conference, the Mayor had declared a ‘state of emergency’ and confirmed that the city had suffered a ransomware attack.

Details about the recovery process

Although no city data was lost in the attack and no demands for payment was made by attackers, the city estimated that over 3400 computers were affected due to the incident. About 35 Louisian National Guard personnel along with about 20 industry partners are at work to reinstate the affected systems. This recovery process would cause some of the computers to lose previous data.

“Now, we’re in the stabilization period. We are trying to rebuild what we had to turn off essentially and that is a long, laborious, time-sensitive process and that’s where I am telling staff and employees we’re looking maybe at a six to eight month window before actual normalcy starts to integrate all of our systems,” said Gilbert Montano, the city’s Chief Administrative Officer, Bitdefender reported.

Conclusion

So far, the city has spent $7 million and is expected to spend more on system upgrades and cybersecurity investments. Officials said $3 million will be recovered from the city’s cyber insurance.