Debrief expected on city hack

In early June, the city of Keizer’s computers were hacked and the data therein held hostage until a ransom was paid. 

Even as city officials announced what had happened, details of what happened and how have been scant. Keizer Finance Director Tim Wood plans to debrief the council Monday, July 20, on with more details on what happened and what the recovery process has entailed. 

The city paid a $48,000 ransom to retrieve access to its data, an expense that the Keizer city council will eventually need to ratify, but there are likely already additional costs the city has incurred as a result of the digital strike. 

Early last week, Wood said the city staff are still monitoring the network and computers for lingering signs of viruses, continuing to rebuild and repair servers where the data was located, rebuilding some computers that were partially or fully encrypted in the attack, testing the stability of software the city uses and working with an outside consultant “to identify and implement ways to prevent this from happening again.”

With the attack and ransom payment, Keizer becomes the latest in a growing number of public and private sector victims of hacking. While some might have suspected a city the size of Keizer would be overlooked as a target for cyber crime, the shot across the bow happened in 2019. 

In August 2019, hackers infiltrated and held hostage the data of 22 cities in Texas. The smallest town on the list of victims was Wilmer, which has a population of 5,000. By contrast, Keizer has nearly 40,000 residents, and targets as large as Atlanta have been victims of similar, successful hacking efforts. 

As far as the amount of the ransom, $48,000, Keizer was let off the hook relatively easy – for now. Atlanta paid a similar figure when it was hacked in 2018, but Tillamook County forked over $300,000 to the hackers who invaded its systems five months prior to the Keizer hack. One digital security analyst Keizertimes spoke with in the wake of the hack said hackers are returning with additional demands at a later date in some cases.

The strain of virus used to attack the city’s computers is known as ransomware. Rather than destroying or deleting data, it puts the information behind a door that can only be unlocked with a numeric key that remains in the hands of the hackers.

In a report published by the World Economic Forum, cities of all sizes are urged to prepare for future digital strikes in the same way they would for an earthquake. 

“It requires developing the rules, regulations, procedures and budgets for city authorities, businesses and residents to prepare and respond to digital threats when and after they inevitably occur,” the report states. 

The report cites human error and a failure to implement best practices as the leading causes of such attacks succeeding. 

Many attacks could be prevented with relatively simple actions such as “software patching, correct firewall configuration, frequent and redundant backups, and use of multi-factor authentication for logons,” the report concluded.

The city council meeting begins at 7 p.m. at the Keizer Civic Center.