Fraud Management & Cybercrime , Ransomware

Tulsa City Officials Report Ransomware Attack

City Shuts Down Websites, Systems
Tulsa City Officials Report Ransomware Attack

Tulsa city officials shut down systems and websites after a Sunday ransomware attack, making it impossible for residents to gain online access to many services.

See Also: Live Webinar | Adversary Analysis of Ransomware Trends

"The city of Tulsa is experiencing technical difficulties on many outward facing programs that help serve the citizens of Tulsa due to a ransomware attack. No customer information has been compromised, but residents will not be able to access city websites, and there will be delays in network services," the city stated in a posting on its Facebook page.

The city shut down many of its internal systems and websites as its IT team and an outside security firm attempted to deal with the attack's impact. Tulsa officials did not say what cyber gang was behind the attack or the type of ransomware used, but they said they hope to have services restored this week.

The city's 911 and emergency response systems were not affected by the attack, according to the statement on Facebook. The city's utility billing system and several other online services, however, are down, the city says.

The Tulsa attack came just two days after Colonial Pipeline reported being hit with ransomware, effectively knocking offline its ability to pump fuel through the company's 5,500 miles of pipe that runs along the East Coast to the Gulf states.

Municipalities Targeted

The Oklahoma city joins a long list of municipalities that have had to deal with ransomware attacks over the last several years. These include Atlanta, Baltimore, New Orleans and Greenville, North Carolina, as well as several communities in Florida, including Lake City, Riviera Beach and Pensacola.

Atlanta was attacked in March 2018 with SamSam ransomware, resulting in a $2.6 million bill for the city to mitigate the situation.

The attackers who struck Baltimore in May 2019 used RobbinHood ransomware, which was also used in the Greenville incident that affected about 10,000 computers within the city's network. The financial toll for the attack was about $18 million.

Two Florida cities, however, opted to pay the ransom. Lake City, which was attacked in June 2019, paid $530,000, while Riviera Beach shelled out $600,000 in response to a May 2019 attack.

About the Author

Doug Olenick

Doug Olenick

Former News Editor, ISMG

Olenick has covered the cybersecurity and computer technology sectors for more than 25 years. Prior to his stint as ISMG as news editor, Olenick was online editor for SC Media, where he covered every aspect of the cybersecurity industry and managed the brand's online presence. Earlier, he worked at TWICE - This Week in Consumer Electronics - for 15 years. He also has contributed to, TheStreet and Mainstreet.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.