A cyberattack on the city’s computers forced the shutdown Tuesday of much of Akron’s 311 system just as a particularly severe snowstorm concluded, Akron Mayor Dan Horrigan said Friday.
City spokeswoman Ellen Lander Nischt said the cyberattack included ransomware demanding a "five-figure sum" of money.
Ransomware is a type of malicious software that threatens to publish a target's data or permanently block access to it.
“The city did not need to respond to the ransomware demand because we have daily back-ups of all city files,” Nischt wrote in an email after a news conference Friday afternoon. “We will be able to restore locked files from these daily back-ups.”
In addition to the city's 311 system to communicate with residents, other "critical software and hardware systems" were attacked, Horrigan said.
The city’s Office of Information Technology became aware of the suspicious cyberactivity Tuesday afternoon, an attack believed to be “financially motivated,” the mayor said.
The FBI and Ohio Highway Patrol joined the city’s investigation Wednesday morning, and as the scope of the attack became known, the need for additional resources became clear.
On Friday morning, the mayor made a formal request to Gov. Mike DeWine for immediate help from the Ohio National Guard Cyber Team. The governor approved the request and eight cybersecurity experts — soldiers and airmen — were activated, according to a news release from the Ohio Adjutant General’s Department.
On Friday afternoon, the governor’s official twitter account tweeted: “I authorized the deployment of @OHNationalGuard's team of cyberwarriors to assist #Akron following this #CyberAttack. It's important that the state supports local government, and we will do whatever we can to help communities in times of need such as this.”
Horrigan was grateful for the governor’s quick response.
“I want to personally thank the governor, who took an early call from me,” Horrigan said.
The addition of the 172nd Cyber Security Protection Team adds one more layer of expertise to an attack response that is expected to take weeks and include “additional software and hardware to be taken offline.” Those actions will likely affect “certain city operations.”
The mayor vowed to alert the public if the city anticipates “any major disruptions to city services or public access to online systems.”
FBI Assistant Special Agent Bryan Smith said at the news conference that the malware infecting Akron’s computer system is known to the agency.
“Anybody and any entity can be hit with one of these,” Smith said. He declined to further characterize specifics of the attack and early results of the investigation. He also declined to discuss what resources the FBI will lend to the investigation.
Although the investigation is still in its nascent stages, Nischt said that the malware was “not an attack … of a nation-state.”
Nischt said that although the shutdown of much of the 311 system came at an inopportune time, the city was already preparing to plow all Akron streets.
"It only impacted their ability to communicate with us," Nischt said.
Tuesday's cyberattack isn't the first for the city.
In May 2013, Akron's website was hacked by the Turkish Ajan, part of Anonymous' OpUSA Campaign, which attempted to hack into various U.S. government websites. In addition to Akron, the campaign successfully hacked a city in Alabama.
At the time, then-Mayor Don Plusquellic threatened to cut off diplomatic relations with Turkey and called the action an attack on the United States.
About 35,000 tax files of individual's names, Social Security numbers and addresses were acquired by hackers in the 2013 attack. Much of the information was posted online. Plusquellic said the city had spent $36 million on upgrades to its computer hardware and software since 1997.
City officials said there is no evidence at this time that any personal information from the city's customers, residents or taxpayers was compromised in the latest attack.
At Friday’s news conference, Horrigan said the city has invested more than $9 million in citywide IT infrastructure and maintenance. Nischt said that no amount of spending can make the city's system 100 percent safe from constantly evolving cyber threats.
Alan Ashworth can be reached at 330-996-3859, firstname.lastname@example.org or @newsalanbeaconjournal.