Oakland Declares Emergency Following Ransomware AttackPolice Say Responses to Nonemergencies Are Delayed; Emergency Systems Unaffected
The California city of Oakland is in a state of emergency as its response to a ransomware attack enters its second week.
The ransomware attack, detected during the night of Feb. 8, forced the closure of Oakland City Hall. The city says the attack left "several nonemergency systems including phone lines within the City of Oakland impacted or offline." The attack did not affect emergency systems, including 911 dispatch and fire services, or the city's financial systems, the city says. Oakland police have warned the attack is delaying responses to nonemergency matters.
Which ransomware criminal group is behind the attack and the amount of its extortion demand are currently known. Oakland says it "working with a leading forensics firm to perform an extensive incident response and analysis," and law enforcement agencies from all levels of government, including federal, are investigating the attack.
Ransomware attacks show no signs of slowing although fewer victims are paying the extortion demand. This change has led to a significant fall in ransomware gang revenue (see: Ransomware Profits Dip as Fewer Victims Pay Extortion).
The federal government had been vocal in efforts to crack down on ransomware gangs, and earlier this year it seized the digital infrastructure of one prolific gang and shut down a cryptocurrency exchange that allegedly transmitted more than $15 million in ransomware proceeds. The yearslong wave of ransomware attacks across the globe has attracted attention from the White House, which initiated the International Counter Ransomware Initiative in 2021. The effort led Australia in January to inaugurate a global task force aimed at fostering cooperation among law enforcement agencies and swapping intelligence about attacks (see: Australia Initiates Global Ransomware Task Force Operations).
Oakland is not the only American city dealing with the fallout of a ransomware attack. The California city of Modesto also underwent a ransomware attack, which disabled patrol vehicle laptops, the Modesto Bee reported.
"At least 6 U.S. local governments have been impacted by ransomware already this year, with at least 4 of them having had data stolen," tweeted ransomware expert Brett Callow on Friday.