Ransomware Shuts Down Knoxville Network
The city of Knoxville, Tenn. was crippled from a ransomware attack that took the city's network offline and prevented police from responding to non-life-threatening traffic crashes. The incident occurred Wednesday and knocked out systems until Thursday. Also impacted was the city's internal IT network, public website and court systems, forcing Friday court sessions to be rescheduled. Knoxville's Information Technology team acted swiftly to shut down the City's computer network, identify and isolate problems, and minimize damage.
While officials have not confirmed the source of the ransomware, local reports point to a spear-phishing email, which was opened by a city employee. No financial or personal information was compromised, according to the city. According to officials, even though the city shares some network infrastructure with the county, there is no evidence of the county's network being compromised.
In 2019, 113 state or municipal entities were hit by ransomware. Knoxville is the 51st city to be hit in 2020 so far. Last year, two Florida cities: Lake City and Riviera Beach, were both hit by ransomware attacks and paid the hackers. And, after several public schools were hit with ransomware in July, Louisiana's governor declared a statewide state of emergency. The city of Baltimore was another high-profile victim of ransomware, which hit in May and halted some city services like water bills, permits and more, with hackers demanding a $76,000 ransom.
Hackers target organizations that require the least effort to hack for maximum profit, and state and local governments usually fit the profile. These smaller government agencies often use old, legacy infrastructure, and that old legacy infrastructure is easy for hackers to exploit.