Ransomware Attacks Knoxville, Tennessee, City Computer Work
The city of Knoxville, Tennessee, suffered a ransomware attack on June 11, though financial and personal information was not compromised, according to a local news report.
In a statement about the attack, Knox County Mayor Glenn Jacobs said:
“Cyber attacks can happen to anyone or any government no matter how good the defense is. In a lot of cases, it’s not a matter of if but a matter of when. Our IT department has been in contact with the city and we stand ready to help if they need it. I have an insurance background, so when I took office, I was extremely concerned about cybersecurity issues, and I made it a priority to harden our defenses in case of an attack. Our IT department has done an amazing job protecting the county and I’d like to thank them for that. The county and city do share some of the same network paths, but to date we have no evidence of any compromise on our side. However, we did pull back and sever the connectivity between all of our shared agencies until we are fully confident that the issue has been contained. We will bring those paths back online one at a time as soon as our cyber team feels that we don’t have any exposure.”
It sounds like the ransomware attack impacted one police department application. The Knoxville Fire Department was not impacted, according to the report. Although the city’s website was down, Knox County government operations were not impacted.
Knoxville Ransomware Attack: More Details
Among other details from the local report:
- The attackers demanded a ransom payment, but the city has not commented on whether it will pay the extortion demand.
- The city apparently has a backup and disaster recovery (BDR) system, which may mean that there are safe backups of the encrypted systems.
- Knoxville does not have a cyber insurance policy.
- The city is working with risk management firm Willis Towers Watson to further evaluate the situation.
The city did not say whether it works with an external managed security services provider (MSSP).
How MSPs Can Mitigate Ransomware Attack Risks: To safeguard your MSP business and clientele from ransomware attacks, follow this tip sheet.