Expert explains how City of Oakland may have become victim of ransomware attack

ByLeslie Brinkley KGO logo
Tuesday, February 14, 2023
How City of Oakland may have become victim of ransomware attack
How did the City of Oakland become a victim of a ransomware attack? Expert says a phishing email could be to blame.

OAKLAND, Calif. (KGO) -- The City of Oakland is still dealing with a ransomware attack that has taken some city systems offline although 911 and fire services are still up and running.

How was the City of Oakland hacked? Experts say it was most likely a phishing email that led to compromising their data.

RELATED: City of Oakland reports being victim to recent ransomware attack

"Ransomware is on the rise for a simple reason. It's on the rise for a few years because of cryptocurrency availability," said Ahmed Banafa, a cybersecurity expert and a professor at San Jose State University.

The FBI via a government website defines ransomware as "an ever-evolving form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable."

The hackers usually demand a bitcoin ransom to be deposited in an overseas account to decrypt the files. It can cost thousands, if not millions for a company or a city to back up its systems instead of paying the ransom.

"If I were in their shoes I'd be at the point where I'd have to make that decision to pay or not, looking at the cost of recovering from the backup. Usually, in a situation of ransom they give something like 5-7 days for organizations to make a decision and get back to them," said Banafa.

RELATED: FBI has seized website used by notorious ransomware gang

Oakland issued a statement Friday that 911 and emergency services were not affected by the ransomware. But when ABC7 News attempted to get a copy of a police report over the weekend, the response was that the files were unavailable due to the attack. The City of Oakland has not responded to a request for an interview about the attack.

Several small cities in Florida each paid upwards of a half a million dollars in ransom a few years ago to resurrect their systems. In contrast, Atlanta refused to pay a $51,000 ransom, instead paying millions to recover their data. The hackers know who they are targeting.

"They go after the government and they went after the schools because they know there's not much spending on the IT department," said Banafa.

Now Streaming 24/7 Click Here

If you're on the ABC7 News app, click here to watch live