A sustained malware attack that started more than a week ago heavily impacted operations in the city of Allentown, Pennsylvania. According to a local newspaper, Mayor Ed Pawlowski announced last Tuesday that some of the city’s financial and public safety systems had to be shut down. The malware spread quickly, affecting surveillance cameras, external banking transactions, and even limited police database access. The attack will reportedly cost the city around US$1 million, mostly to mitigate the threat and apply fixes to the impacted systems.
The malware reportedly responsible for terrorizing the city is the long-running Emotet (detected by Trend Micro as TSPY_EMOTET.THBB), an infamously adaptable and changeable malware that we last saw hijacking a Windows API in November 2017. Emotet has been consistently widening its targets and capabilities, and recently incorporated new routines that enabled it to elude sandbox and malware analysis.
Initial information about the attack notes that Emotet is self-replicating and was able to spread quickly throughout the city systems because it harvested credentials from city employees. It affected city systems running on Microsoft, and the city has hired a team of Microsoft engineers to handle the problem. So far, there has been no evidence that the attack compromised citizens' personal information. However, city officials have also warned people against opening any emails and attachments from city employees, since compromised Microsoft Word documents are a known Emotet infection vector.
Concrete details of the attack have not been revealed. The mayor is actively avoiding releasing information about what is being done — a hacker might be responsible and may still be able to modify the attack in response to steps taken by the city.
Security issues surrounding smart cities
As cities incorporate smart devices into their environments and use connected systems, they also open themselves up to more risks. Malware could spread and infect multiple systems; if those systems are critical to city operations, then any sudden compromise could affect or endanger lives. Before cities adopt new technologies, pros and cons must be weighed, and security should be a top consideration.