The cyber attack targeted the city’s operating systems, including its public safety phone networks, although the city responded quickly, the statement said.
“Some of the systems are still being recovered and they’re coming back up fast,” said Beverly Thompson, Durham city public affairs director.
The origin of the attack is unknown and is being investigated by the City. WRAL reported that the North Carolina State Bureau of Investigations said the malware used in the attack is of Russian origin, and is spread through malicious email attachments and across network servers.
“We’re doing some investigation to figure out where it emanated,” Thompson said.
City IT staff estimates that phone systems will be running on Monday. Critical public safety systems such as the 911 call center are operational and emergency calls are still being handled.
The city’s phone system was intentionally shut down to contain the attack. As a result, phone calls to the city’s services are currently being disrupted, such as the Durham One Call’s phone line, parks and recreations centers and City Hall.
The city and county’s websites are operating as normal, and there is no impact to the Durham County Sheriff’s Department 911 services.
All non-emergency city operations and county government will be open Monday as normally scheduled.
More malware, specifically ransomware attacks in North Carolina were reported in 2019 than all of 2018, according to the N.C. Department of Information Technology.
An update on the incident will be provided to local media this week, the statement said.
©2020 The News & Observer (Raleigh, N.C.). Distributed by Tribune Content Agency, LLC.
