Cloud Hosting

While the world is focused on battling the coronavirus, cyber attacks have increased in the healthcare field and for individuals. Veuers Justin Kircher has the story. Buzz60

Five days after the City of Knoxville fell victim to a ransomware attack, some services remain hampered and a red bar continues to appear across its website saying, City online services are currently unavailable.

In a ransomware attack, cybercriminals gain access to computer files, lock them down and demand payment to restore access.City officials maintain that the threat has been isolated and the city is operating as normal outside of a few inconveniences.

Still, when pressed by Knox News, city officials have declined to provide further updates on the attack, the citys response or to answer a list of detailed questions.

Those questions include:

Spokesperson Kristin Farley answered these questions by repeating her previous statement that the city is working diligently to restore our systems to full functionality with the assistance of industry experts.

Spokespersons for Knoxville fire andpolicedirected questions to the mayor's office.

Ransomware alert(Photo: Rob Engelaar/epa)

Jason Jarnagin is a supervisory special agent over East Tennessee cybercrime in Knoxvilles FBI office. He told Knox News that COVID-19 has provided a new avenue for scammers because ofthe large increase of workers using remote logins while teleworking.

More: City of Knoxville hit by overnight ransomware attack

Though he had no hard number available to show an uptick in cyberattacks, Jarnagin pointed to a Federal Trade Commission report that showed consumers have reported losing some $59.2 million to COVID-19-related fraud.

Early on, some of these attacks arrived in the form of an email message from what appeared to be the World Health Organization, suggesting you read an attachment with official information on how to protect yourself from the coronavirus. Clicking the file from this impersonator, however, downloaded a hidden installer to your computer that let cybercriminals have access to your data lifted from your keystrokes.

Others have infected cellphones of people who click on a COVID-like map, Jarnigan said.

While anyone experiencing a cyberattack would be inconvenienced, large organizations, health care providers and cities are at a much higher risk level, Jarnagin said.

Ransomware can cripple a municipality or state agency as well as a health care organization to the point where they can no longer conduct business, he said.

Go deeper: As Knoxville deals with ransomware attack, other Tennessee cities have been there before

FBI staff organize a surprise reunion for retiring Special Agent in Charge Troy A Sowers at Knoxville's FBI field office on Friday, Aug. 9, 2019. Sowers was reunited with a newborn baby boy he rescued as a rookie FBI agent working a 1997 kidnapping case in Tacoma, WA. The baby, Stewart Rembert, now 22, currently is a U.S. Marine. (Shawn Millsaps/Special to News Sentinel)(Photo: Shawn Millsaps/Special to the News Sentinel)

At its worst, an attack can be deadly if it interferes with emergency operations or prevents access to medical records.

In 2018, the Atlanta suffered one of the worst ransomware attacks in recent memory. Thousands of city employees were locked out of their computers and some operations were halted for days.

Scammers reportedly demanded roughly $50,000 to unlock Atlanta's system, but it was later reported that the attack could cost the city up to $17 millionin damages, up from an estimated $2 million.

Internet security company Emsisoft reported ransomware attacks againstnearly 1,000 governmental agenciesin 2019 cost $7 billion in damage.

City officials speculated the attack, which was discovered early Thursday,was launched through a phishing email mistakenly opened by a city employee.

The source of the attack remains unknown.

Some online services are down across the city and the police department announced last week that officerswill not respond to wrecks unless they involve injury or a disabled vehicle blocking trafficbecause they cant access their electronic reporting system.

A view south down a mostly-empty Gay Street in downtown Knoxville, Tenn. on Friday, May 1, 2020. Restaurants and retail stores were among the types of businesses allowed to reopen as part of Knox County's Phase One reopening plan.(Photo: Calvin Mattheis/News Sentinel)

Motorists are being advised to contact their insurance provider for a crash report.

An initial assessment indicates that no financial or personal information was compromised. The city said it does not store credit card information used to make payments. Online reservations forcity facilities are not believed to be at risk, either.

City offices and services are open as usual, although visitors could experience some inconveniences.

City information technology officials think the threat has been isolated. The attack did not affect the city's backup servers and much of the city's work can be rerouted through those systems, said David Brace, the city's chief operationsofficer and deputy to Mayor Indya Kincannon.

USA Today contributed to this report.

Email Tyler Whetstoneat tyler.whetstone@knoxnews.comand follow him on Twitter @tyler_whetstone. If you enjoy Tyler's coverage, support strong local journalism by subscribing.

Read or Share this story: https://www.knoxnews.com/story/news/local/2020/06/16/knoxville-mum-ransomware-attack-and-whats-being-done-fix/3190160001/

See the original post here:
Knoxville still quiet on ransomware attack and what's being done to fix it - Knoxville News Sentinel