Page Nav

HIDE

Pages

Classic Header

{fbt_classic_header}

Breaking News:

latest

Tulsa residents won't be able to pay utility bills for THREE WEEKS after ransomware attack like Colonial Pipeline outage - as it's claimed insurance giant CNA financial 'paid $40m extortion fee'

  Tulsa residents won't be able to pay utility bills for at least three weeks after the city's computer systems were hit by a Coloni...

 Tulsa residents won't be able to pay utility bills for at least three weeks after the city's computer systems were hit by a Colonial Pipeline-style ransomware attack.

The ransomware attack on the Oklahoma city's municipal systems was discovered on May 17, with officials warning Thursday that computer systems will be down for between three weeks and a month.

It is unclear exactly which of the city's systems were targeted, although police bodycam footage is taking longer to upload to a centralized system than usual. 

Emergency dispatchers are still able to handle 911 calls, but residents have been warned they will not be able to make electronic payments for utilities like water.

City officials say no-one will be cut off for a late payment until at least five days after their systems have been restored. 

Downtown Tulsa. A ransomware attack on the city's systems, discovered earlier this month, was similar to the ransomware attack that shut down the Colonial Pipeline for days, Tulsa officials said

Downtown Tulsa. A ransomware attack on the city's systems, discovered earlier this month, was similar to the ransomware attack that shut down the Colonial Pipeline for days, Tulsa officials said

CNA Financial's Chicago headquarters are seen above. The insurance firm reportedly paid ransomware hackers $40 million in March

CNA Financial's Chicago headquarters are seen above. The insurance firm reportedly paid ransomware hackers $40 million in March

News of the outage emerged as it was claimed insurance giant CNA Financial paid off an extortion fee of $40 million following a separate hack. 

Chicago-based CNA Financial, one of the largest insurance companies in the country, made the payment in March to regain control of its network from hackers, sources told Bloomberg on Thursday.  

'CNA is not commenting on the ransom,' a company spokeswoman told the outlet. 'CNA followed all laws, regulations, and published guidance, including [Office of Foreign Asset Control]'s 2020 ransomware guidance, in its handling of this matter.' 

The revelation comes after the world learned that Colonial Pipeline paid the Russia-based hacker gang DarkSide a $4.4 million ransom to regain control of the key fuel pipeline that supplies the East Coast.


Meanwhile, officials in Tulsa said on Thursday that the attempted attack there was similar to the one on Colonial Pipeline, and that the hacker group responsible is known.  

Mayor G.T. Bynum said Tulsa's computer security system identified the attack and shut down the system before it was infiltrated. It is unclear which of the city's services were affected by the attempted hack. 

'I can't share anything other than we know who did it,' Bynum said, adding that the city did not pay the hackers. 

'They wanted to talk with us about what (a ransom) would be for them not to announce (the attack) and we never engaged them,' he said.

The attack, discovered earlier this month, was similar to the ransomware attack that shut down the Colonial Pipeline for days, according to Tulsa Chief Information Officer Michael Dellinger.

Mayor G.T. Bynum said Tulsa's computer security system identified the attack and shut down the system before it was infiltrated

Mayor G.T. Bynum said Tulsa's computer security system identified the attack and shut down the system before it was infiltrated

The DarkSide gang behind the Colonial attack appears to be offline after key servers used by the hackers were seized by unknown actors last week. 

Their attack on the Colonial Pipeline shut it down on Friday May 7, triggering panic buying in states including Florida and North Carolina as gas pumps ran dry.

The pipeline was gradually restored from May 13, after bosses agreed to pay hackers the $4.4 million ransom.  

Tulsa's computer system remains shut down while each of the city's computers and servers are examined and cleaned, Dellinger said. There has been no indication any data was breached, he added.

Dellinger said an investigation is underway to determine how the attacker infiltrated the system

No comments