Ohio city severely disrupted by ransomware attack


Huber Heights in Ohio, USA, was hit with a cyberattack that’s expected to limit access to local services for at least a week. Another attack impacted a county in North Carolina.

Huber Heights, an Ohio city with nearly 45,000 residents, has been struggling with a ransomware attack since November 12th.

According to city authorities, the attack has impacted several divisions, such as Zoning, Engineering, Tax, Finance, Utilities, Human Resources, and Economic Development.

“With the exception of public safety, the City of Huber Heights expects impacts to other City services for at least a week,” Huber Heights’ situation update reads.

While the breach did not impact public safety services, local residents couldn’t ask the city for permits or make utility payments online.

Local governments should not forsake cybersecurity as ransomware attackers often prey on agencies providing crucial services, Andrew Costis, Chapter lead of the adversary research team at AttackIQ, said.

“Governments that think like their adversary can simulate the common tactics, techniques, and procedures (TTPs) used by threat actors to test their security defenses,” Costis said.

Just two days after Huber Heights was first attacked, another US local government body, North Carolina’s Bladen County, suffered a similar fate. While the county’s official statement doesn’t specifically mention ransomware, officials said that they “discovered irregularities” in the institution’s systems.

“Based on the preliminary investigation, the malicious activity performed by cybercriminals on our county network was designed to access our systems and the data contained within those systems. We can confirm the criminals were able to access some of the County’s data,” the statement said.

Bladen County officials said the local government will operate under regular hours. However, they admitted that “most of the county systems that rely on internal servers or access to the internet will be impacted,” indicating that the attack may involve attackers encrypting the county’s systems.

Sally Vincent, Senior threat research engineer at LogRhythm, said that government organizations should review access control practices and always maintain viable backups.

“Organizations should also maintain offline backups and have an incident response plan that security teams can practice working through. Implementing multi-factor authentication (MFA) and a zero-trust architecture can also help prevent or reduce the severity of an incident,” she said.