California's City of Oakley declares an emergency following a ransomware attack

The City of Oakley in the US state of California said it experienced a significant ransomware attack that forced officials to take several of its systems offline and announce a state of emergency.

 

The City announced via a press release that on February 22, it was a victim of a ransomware attack and its Information Technology Division is working closely with law enforcement authorities to respond to the incident.

The City also launched an investigation, with assistance from external cyber security professionals, to understand the scope of the incident. “The City is following industry best practices and developing a response plan to address the issue,” it said.

 

City officials added that emergency services like 911, police, fire, and ambulance were not impacted by the security incident and are able to cater to the residents of Oakley.

 

“In an abundance of caution, the City Manager has declared a local state of emergency, the City’s Emergency Operations Centre has been partially activated, and IT has taken affected systems offline while we work to safely secure and restore services,” the city added in its press release.

 

According to the California Governor’s Office of Emergency Services, the main objective of declaring a state of emergency is to “provide extraordinary police powers; immunity for emergency actions; authorise issuance of orders and regulations; activate pre-established emergency provisions; and is a prerequisite for requesting state or federal assistance.”

 

“A local emergency proclamation can only be issued by a governing body (city, county, or city and county) or an official designated by local ordinance. The proclamation should be issued within 10 days of the incident and ratified by the governing body within 7 days. Renewal of the resolution should occur every 60 days until terminated,” the Governor’s office said.

 

The City has advised Oakley residents to remain patient and expect delays in non-emergency services while officials revive the affected systems and return to normal operations.

 

As of now, no ransomware group has claimed responsibility for the cyber attack on the Californian city, and City officials are yet to disclose details on how the threat actors infiltrated its systems or whether any data was stolen from its internal network.  

 

The City of Long Beach in California also experienced a network security incident in November that forced City Manager Tom Modica to issue a “Proclamation of Emergency due to the need for a swift emergency response to protect City systems, preserve operational capacity, and to be able to quickly respond as a workforce to a very dynamic situation that could have significant impacts on the City’s ability to provide critical services to the public.”

 

In February 2023, the City of Modesto in California also experienced a significant cyber attack that affected portions of its computer systems. The notorious Snatch ransomware group claimed responsibility for the cyber attack on the City and listed it on its data leak site.

 

Another Californian city - the City of Oakland - suffered a ransomware attack in February last year that resulted in a network outage and forced the City to take several non-emergency systems offline. The city declared a local state of emergency for a week as the ransomware attack forced it to take all its IT systems offline and hampered local government operations.