Global public infrastructure hit by ransomware attacks

Global map in black and red colour scheme denoting threat with plots in major cities to show cyber attacks being observed across the world

The Governor of Louisiana has declared a state of emergency after a handful of school districts across the state were hit by a wave of ransomware attacks.

The IT networks of at least three school districts - Sabine, Morehouse and Ouachita - were taken down after the attack last week, with local files encrypted by a gang of cyber criminals. Governor John Edwards has, as a result, declared a statewide emergency while authorities probe whether other public services and government agencies may be at risk.

This is the first time the state has declared such an emergency and allows for a greater level of state resources to be dedicated to ongoing investigations. Cyber security experts from Louisiana National Guard, State Police and the Office of Technology Services are also being roped into helping local government agencies prevent any further data loss.

"The state was made aware of a malware attack on a few north Louisiana school systems and we have been coordinating a response ever since," Edwards said.

"This is exactly why we established the Cyber Security Commission, focused on preparing for, responding to and preventing cybersecurity attacks, and we are well-positioned to assist local governments as they battle this current threat."

Meanwhile, a power supplier based in the South African city of Johannesburg was also struck by a malware attack yesterday as citizens with prepaid metres were unable to buy electricity or upload invoices.

The ransomware virus encrypted all of City Power's databases, applications and its network, effectively leaving people facing blackouts that, in some cases, have lasted more than 12 hours. The city of Johannesburg-owned energy supplier is working to restore power to affected regions.

This, of course, also follows a significant attack on the city of Baltimore in May in which thousands of government computers were infected public services were rendered offline for more than two weeks. Recovery costs for the attack are estimated to exceed $18 million.

This comes at a time where organisations in the UK have experienced an explosion of ransomware attacks since the start of the year. So far in 2019, researchers learned there have been 2.4 million encrypted malware attacks, almost the same number as detected throughout the whole of 2018, 2.8 million.

Both attacks also highlight just how tempting a target national critical infrastructure can be to cyber criminals, especially given the public sector cannot always boast the same degree of security and expertise as private sector organisations.

The Ukranian 'black energy' crisis, in which a virus took down the country's power grid, is among the most famous examples of cyber criminals crippling critical national infrastructure.

The UK's Joint Committee on the National Security Strategy (JCNSS), meanwhile, warned that it's "impossible" to protect the UK's national critical infrastructure from the sort of rampant cyber attacks that have struck Louisiana and Johannesburg.

An increasingly complex security landscape and the government's own shortcomings in assessing how widely connected infrastructure is becoming has been touted as potentially leaving the UK exposed to a second WannaCry-style attack.

The WannaCry virus, which crippled the NHS especially, is perhaps the most prominent example of ransomware taking down critical public services and critical infrastructure in the UK. But the attack, which will cost 92 million from which to recover, was actually a non-targeted attack, with the health service was simply swept up in the chaos due to unpatched legacy systems.

Should the NHS be struck by a targeted attack, according to a white paper prepared by the Institute of Global Health Innovation (IGHI) earlier this month, the scale of the damage could be many times higher.

Keumars Afifi-Sabet

Keumars Afifi-Sabet is a writer and editor that specialises in public sector, cyber security, and cloud computing. He first joined ITPro as a staff writer in April 2018 and eventually became its Features Editor. Although a regular contributor to other tech sites in the past, these days you will find Keumars on LiveScience, where he runs its Technology section.