Although the power stayed on for customers of the utility company Reading Municipal Light Department (RMLD) last month, the power station’s computer systems were frozen and encrypted by a ransomware attack.
In a post on their website the following Tuesday states that “There is no impact to the delivery of electric service. At this time, there is no indication that customer financial data (such as bank account and credit card information) has been compromised as it is housed in a separate third-party system.”
All customer services done through their website, such as service requests, payments, and outage reporting were offline, however. Thankfully, because they use a third-party vendor for their invoicing database, customers’ financial information was completely safe.
This is just the latest attack targeting municipalities. According to NBC Boston, 260 cities and towns responded to a broad survey asking if they’ve ever been victim to an attack.
“One out of every six communities in Massachusetts has been infected by ransomware,” they report.
Some communities do indeed barter with the cybercriminals, oftentimes using taxpayer dollars to pay off the ransom.
During Summer 2019, 23 Texas cities were the victims of a coordinated ransomware attack with a price-tag of millions of dollars.
“The majority have targeted small-town America, figuring that sleepy, cash-strapped local governments are the least likely to have updated their cyberdefenses or backed up their data,” wrote the New York Times.
According to IBM Security’s “Public Sector Security Research” poll released earlier this year, “73% of government employees are concerned about impending ransomware threats.” In addition, only 63% of IT Professionals in the public sector were confident that a ransomware attack could even be prevented.
The RMLD hired outside IT help to co-manage the situation with their own IT department as they looked for the root of the cause.
“RMLD takes this cyber infiltration very seriously, and staff is working tirelessly to correct this issue and restore regular business operations as soon as possible,” they stated on their website. “Updates will be provided regularly as the situation evolves.”