On Friday the 13th of December, the City of New Orleans suffered a ransomware attack that resulted in a shutdown of the city’s servers and computers. The city stated that emergency services were not affected. Kim LaGrue, the city’s CIO, stated that the attack was first detected at 5:00 AM on December 13th, and appears to have originated from a phishing email. When employees started accessing their computers at 8:00 AM, the network showed an uptick in suspicious activity. The next day, memory dumps were uploaded from an IP address in the USA to the VirusTotal scanning service that contained multiple references to New Orleans and the Ryuk Ransomware. Colin Cowie of Red Flare Security found the information and shared it responsibly. If the city was indeed encrypted by Ryuk, then this just another incident of the recent uptick in the activity of Ryuk.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.