by Stefan Stanford, All News Pipeline:
Tuesday morning millions of internet websites went dark, including here at ANP, with tens of millions of people getting a 502 error pagerather than the website they were trying to access. According to Cloudfare, which was behind this massive internet outage, this was due to an internal software issue much different than last weeks BPG outage which was caused by an external issue.
For about 30 minutes today, visitors to Cloudflare sites received 502 errors caused by a massive spike in CPU utilization on our network. This CPU spike was caused by a bad software deploy that was rolled back. Once rolled back the service returned to normal operation and all domains using Cloudflare returned to normal traffic levels.
While the outages were short, the list of affected locations is extremely long, too long to list them all here, but the Cloudfare Status pagehas them all listed towards the bottom of the page.
While Cloudfare is accepting full and total responsibility for Tuesday’s outages, others have noted that DDoS attacks across the globe were significant in nature at the same time, as shown by an attack graph posted by Editor-in-Chief of Lifewire, Lance Ulanoff, to his Twitter account.
Tuesday’s outages brought to mind another semi-related issue that we at ANP have been meaning to address.
There has been a substantial increase of ransomware hack attacks hitting major cities within the U.S. in 2019, which have caused their own variety of outages within those cities, costing tens of millions in damages as well as the “ransom” paid to the hackers by some of those cities.
CITY SERVICES SHUT DOWN BY CYBERATTACKS
Before 2019 began, the worst ransomware cyberattack documented was what happened in Atlanta Georgia on March 22, 2018, affecting certain city systems for more than a week, at an eventual price tag over approximately $17 million, after Atlanta decided to refuse to pay the bitcoin ransom demand.
That attack affected things like online bill paying access and some law enforcement data, but reports that came out more than two months afterwards, showed there was far more monetary damage than the city originally believed. By August 2018, those estimates had skyrocketed.
The SamSam ransomware attack that took down the city of Atlanta’s computer network in March could cost taxpayers $17 million — up from earlier estimates of $2.7 million, according to a “confidential and privileged” seven-page document reviewed by The Atlanta Journal-Constitution and Channel 2 Action News.
The latest cost estimate includes about $6 million in existing contracts for security services and software upgrades and $11 million in potential costs associated with the attack, including new desktops, laptops, smartphones and tablets. This would mark one of the U.S.’ costliest cyberattacks affecting a local government in 2018, despite city officials declining to pay the ransom demanded by the hackers.
In 2019, those attacks against multiple cities in the U.S. have increased, not only in terms of ransom demands, which some cities have paid against the advice of law enforcement, but also in terms of what services were affected.
In early May 2019, it was Baltimore’s city computers that were infected by ransomware dubbed RobbinHood, which encrypted hardware data and prevented government officials from being able to access the data.
Each computer affected by the attack demanded a payment of 13 bitcoin (over $75,000) for users to regain access to their files. Gizmodo reports that the FBI specifically advised the city against paying the ransom as it would not not reduce cybersecurity costs.
Essential services like police, fire and EMTs have remained operational but the attack has affected hospitals, factories producing vaccines, airports and ATMs.
Making matters worse for Baltimore as they frantically attempted to get services restored, they couldn’t access their email system, so they created a workaround by creating Gmail accounts. Google’s automated security system flagged the creation of so many accounts from one area and disabled them, according to The Baltimore Sun, via securityinfowatch.com, which reported “Gmail accounts used by Baltimore officials as a workaround while the city recovers from a ransomware attack were disabled because the creation of a large number of new accounts in one place triggered Google’s automated security system. “Eventually Google restored access to the accounts.
Four days ago Fox Baltimore reported the city is still not fully recovered from the attacks.
In March 2019, a ransomware attack hit the rural Jackson County in Georgia, which effected their 911, emergency system, as well as impacting other country agencies.