IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

New Orleans IT Leader Details Cyberattack Recovery

Six months after a cyberattack shut down New Orleans' government and exposed flaws in its systems, the city has mostly recovered even as the coronavirus pandemic delivers a new set of challenges, officials said Tuesday.

New Orleans_shutterstock_313893050
(TNS) — Six months after a cyberattack shut down New Orleans' government and exposed flaws in its computer systems, the city has mostly recovered even as the coronavirus pandemic delivers a new set of challenges, city officials said Tuesday.

City Hall officials have spent $4.2 million thus far to recover from a December ransomware attack, spending money on hundreds of new computers as well as upgraded software. All told, the city is about 80% recovered, according to Mayor LaToya Cantrell and Kim LaGrue, the city’s Chief Information Technology & Innovation Officer.

Still to come is the replacement of some older software — often a critical weakness targeted by hackers — and a few other projects.

The coronavirus has also underscored the need for a stronger tech operation, as opportunistic hackers have tested the city's defenses in recent months and as the city has had to pivot to an online-only environment.

“It was a priority for my administration that people saw this government moving forward, particularly through this cyber attack and then through this pandemic,” Cantrell said.

New Orleans was one of dozens of U.S. cities hit by ransomware last year, part of a national trend of attacks against state and local entities by hackers savvy enough to exploit poorly maintained systems.

The attacks often involve a hacker sending a malicious email intended to trick a user into sharing computer credentials. Once they obtain a login, hackers work their way through systems, locking up computers and demanding payment to allow access.

The attacks have been so disruptive that in some cases public agencies and private businesses in the U.S. have paid the ransom. Others have taken out costly insurance policies or rebuilt entire networks to better ward off future attacks.

After hackers breached the city's defenses in December, Cantrell's administration budgeted to raise its $3 million insurance policy to a $10 million plan. It moved to replace outdated and compromised computers and paid workers to wipe computer drives and upgrade software. The city said it did not pay a ransom.

Since December, 500 out of 800 city-owned computers have been replaced, LaGrue said. It has moved its email services to the cloud, and installed new security tools that check if each device on its network is virus-free.

With those and other needs addressed, the city has spent $4.2 million thus far out of the $7.5 million it budgeted to respond to the attack.

Still outstanding are upgrades to older software in some departments that is more vulnerable to hackers, replacements of the final 300 old computers and new devices for city police cars, among other items.

Cantrell pledged to spend the remaining $3.3 million on cyber security Tuesday even as she acknowledged the impact of coronavirus and the shutdowns aimed at containing it on the city’s sales tax revenue.

“The city is currently in a spending freeze, with COVID. But...we are making sure that we are moving the expenses associated with the cyber attack forward,” she said.

LaGrue's department this spring proposed saving money by letting full-time staff work 35 hours a week instead of 40, installing free versions of some needed software and other steps. But she said Tuesday that any staff cuts would be a “last step” that would come after softer trims to the budget. City officials have said they expect to know more in the coming weeks about how the cuts might look.

Even as it has dealt with the lasting effects of the attack, the pandemic has presented new problems for LaGrue's team, she said.

It has had to provide tech support for hundreds of employees who have been working from home because of the coronavirus.

The coronavirus also prompted the city's tech department to prepare a dashboard of new cases, deaths and other disease trends in the city that has been viewed at least 27,000 times.

Notably, since the coronavirus shuttered businesses in New Orleans and around the country, the city has seen a rise in phony emails from hackers seeking to score a payday, something that has tested the city's new protections.

"We did see an uptick in impersonation, or phishing attempts, but nothing that penetrated or permeated our environment," LaGrue said.

The city expects to be fully recovered within months.

©2020 The Times-Picayune | The New Orleans Advocate. Distributed by Tribune Content Agency, LLC.