With last week's Tulsa Ransomware Breach, we wanted to look further...

Yesterday we shared information of Tulsa's unfortunate Cyber attack and Ransomware and also the fact Tulsa were maintaining sub optimal internet connections. This was shown as their overall internet security rating of F and 0 as well as domains using obsolete TLS rendering the websites as Not Secure in the address bar. The implications of which means numerous, serious security omissions as well as flagging up the insecure site to would be cyber criminals. Tulsa have had F rated internet connectivity since 2017...

The following Cities have all been victims of recent Cyber attacks and Ransomware and although in July 2019 the US Conference of Mayors unanimously passed a resolution calling on local officials to cease paying Ransomware, Crypto payments have become the norm...

Alaska were breached again in the last week, they were also breached on the 4th December 2020 shortly after the elections. We tried to inform, then alert Alaska as long ago as May 2020 prior to the Presidential elections of their insecure position and 27 CVE's. Alaska have now been breached three times in two years and continue to ignore their internet security.

On May 7, 2019, most of Baltimore's government computer systems were infected with the aggressive ransomware variant RobbinHood. All servers, with the exception of essential services, were taken offline. In a ransom note, hackers demanded 13 bitcoin (roughly $76,280) in exchange for keys to restore access. In April of 2021 the University of Maryland was also the victim of a cyber attack. Both continue to maintain sub optimal and highly insecure domains.

Denver are also no strangers to breaches which really started back in 2010 with the Denver International Airport breach. Denver have made a small improvement recently to have an overall security Rating of D and 30/100 which is a marked improvement from their F Ratings since 2016 until the end of 2020. A D rating is nothing to be proud of however and we would urge Denver, along with every City and company to address and remediate their domains security position before a further Cyber attack manipulates their exploitable position.

A Cyber attack struck Knoxville city servers early on June 11 2020. During a Ransomware attack, hackers infiltrate a computer network, lock down data and demand payment to restore access. This attack briefly knocked the city of Knoxville's website offline and left the Knoxville Police Department locked out of their reporting system for two weeks. Officers couldn't access old reports and were forced to take new ones with pen and paper. Knoxville some 12 months later are still maintaining sub optimal and insecure domains. Knoxville have maintained insecure domains since April 12 2016 to date...

A ransomware attack targeting the city of New Orleans initially inflicted $7 million in losses with more losses incurred in following months, Mayor Latoya Cantrell said in a recent update. At 5 a.m. on December 13, New Orleans became yet another victim in a long list of Ransomware attacks directed as U.S. municipalities. It threw the state of Louisiana’s most populous city into a state of emergency. New Orleans 6 months post this breach have also continued to maintain sub optimal domains that render them exposed, highly vulnerable and what is more, easily exploited.

The United States and indeed the entire world can keep pointing fingers, puffing their chests up and crying foul, however, until everyone takes responsibility for their own security and especially their critical internet connected domains security, they will keep being targeted and attacked. This list of just 6 Cities most probably has a culminative cost to breaches and losses of the best part of $100m. It would cost as little as 1% of that to ensure they were secure connected to the internet as opposed to systemically and woefully insecure.

Not one of these already breached Cities have really made any improvement of note. They continue to maintain their insecure position and cross their fingers. Sooner or later the attack will be so severe, like the Colonial Pipeline attack that will potentially effect millions of people. At what point do leaders proactively address their organisations and local governments insecurity? Is that time not here already or do they need to burn another $100m or two?

Whitethorn Shield.