Malware Attack Will Reportedly Cost Allentown, PA. US$1 Million
A sustained malware attack that started more than a week ago heavily impacted operations in the city of Allentown, Pennsylvania. According to a local newspaper, Mayor Ed Pawlowski announced last Tuesday that some of the city’s financial and public safety systems had to be shut down. The malware spread quickly, affecting surveillance cameras, external banking transactions, and even limited police database access. The attack will reportedly cost the city around US$1 million, mostly to mitigate the threat and apply fixes to the impacted systems.
The malware reportedly responsible for terrorizing the city is the long-running Emotet (detected by Trend Micro as TSPY_EMOTET.THBB), an infamously adaptable and changeable malware that we last saw hijacking a Windows API in November 2017. Emotet has been consistently widening its targets and capabilities, and recently incorporated new routines that enabled it to elude sandbox and malware analysis.
Initial information about the attack notes that Emotet is self-replicating and was able to spread quickly throughout the city systems because it harvested credentials from city employees. It affected city systems running on Microsoft, and the city has hired a team of Microsoft engineers to handle the problem. So far, there has been no evidence that the attack compromised citizens' personal information. However, city officials have also warned people against opening any emails and attachments from city employees, since compromised Microsoft Word documents are a known Emotet infection vector.
Concrete details of the attack have not been revealed. The mayor is actively avoiding releasing information about what is being done — a hacker might be responsible and may still be able to modify the attack in response to steps taken by the city.
Security issues surrounding smart cities
As cities incorporate smart devices into their environments and use connected systems, they also open themselves up to more risks. Malware could spread and infect multiple systems; if they are critical to city operations, then any sudden compromise could affect or endanger lives. Before cities adopt new technologies, pros and cons must be weighed, and security should be a top consideration.
Here is a 10-step Cybersecurity Checklist we recommend for cities looking to adopt smart technology:
- Perform quality inspection and penetration testing
- Prioritize security in service level agreements (SLAs) for all vendors and service providers
- Establish a municipal CERT or CSIRT
- Ensure the consistency and security of software updates
- Plan around the life cycle of smart infrastructures
- Process data with privacy in mind
- Encrypt, authenticate, and regulate public communication channels
- Always have a manual override ready
- Design a fault-tolerant system
- Ensure the continuity of basic services
For more detailed information and solutions, view our research paper on securing smart cities.