Independence, Mo., Recovering After Ransomware Attack

The attack, which occurred over the weekend, resulted in "technical difficulties and disruption to multiple services" but was discovered and halted "before it could infect the full city network," the city manager said.

BY MIKE GENET, THE EXAMINER / DECEMBER 9, 2020

SHUTTERSTOCK
(TNS) — Independence city staff were working Monday morning to recover from an apparent ransomware attack on the city's technology over the weekend.

In a statement, City Manager Zach Walker said the attack resulted in "technical difficulties and disruption to multiple services" but was discovered and halted "before it could infect the full city network."

A ransomware attack is a form of cyberattack that locks up a computer or computer system, which can severely hamper an organization's operations, especially if the organization can't access a backup system. The hackers then typically demand a ransom, often paid in some form of cryptocurrency to avoid detection, before they unlock the computer system to allow access again. Cities, school systems and national and global companies have been hit by such attacks in recent years.

The city initially did not specify what services had been affected or respond to a question of whether any "ransom" had been involved, but it later posted on social media that the city's online bill payment system was temporarily down. The city announced last week that it had suspended late fees for bill payments as well as commercial utility shutoffs. The city added Monday that it was suspending residential utility shutoffs as well.
In his statement, Walker said city staff have been working "around the clock" with forensic specialists to find out how the ransomware attack started and how much it spread, and to restore access to affected computer systems as quickly as possible.

The City Council in July approved more than $4 million worth of upgrades to the city's primary and backup data centers and cybersecurity system — designed to ward off exactly such incidents as this weekend's attack — though it's unclear how many of those upgrades are in place. At the time, while city officials said it wouldn't be prudent to divulge specific cybersecurity concerns publicly, Jason Newkirk, the city's chief information officer, and Mayor Eileen Weir said it's fair to say the city's information system, like many other municipalities, is constantly under attack. Newkirk said they see malicious attempts during daily checks.

Shortly after a ransomware attack last year on Truman Medical Centers, Bryan Hurley, director of the nationally recognized cybersecurity program at Metropolitan Community College-Blue River in Independence, said ransomware attacks have become more noteworthy because hackers found organizations willing or needing to pay large sums of money to regain data access.

Whereas many cyberattacks have been about stealing information or access to that information and then using that to steal other people's money, Hurley said, ransomware attackers don't seek the data as much as what organizations might pay because of how vital the locked-out information might be.