Liege, one of the biggest cities in Belgium, was hit by a ransomware attack that has disrupted the IT network of the municipality and its online services.
“The City of Liège is currently the victim of a large-scale targeted computer attack, obviously of a criminal nature.” reads the status page published by the city. “The City of Liège, surrounded by experts of international competence, analyzes the scale of this attack and its consequences, in particular in terms of duration on the partial unavailability of its IT system. It is doing everything to restore the situation as soon as possible. Services to the public are currently heavily impacted.”
In response to the attack, IT staff shut down its network to avoid the malware from spreading.
To avoid propagation to its entire network, staff were instructed not to turn on a computer in the office.
The City of Liège launched an investigation into the attack with the help of international security experts and is currently working to restore the operations.
“The precise list will be provided as soon as possible in order to avoid any unnecessary travel,” the City said in a press release. “Citizens who show up for their meeting will be personally informed of the procedure to follow to set up a new meeting,”
At the time of this writing, the experts have yet to determine the extent of the cyber attacks and it is not clear if threat actors have stolen City’s data.
Belgian media speculate the involvement of the Ryuk ransomware gang citing a source informed about the event.
“The City of Liège, whose computer system has experienced a serious failure since Monday morning, is the target of a ransom demand via ransomware named “Ryuk”. This is what we learned from a good source, a few hours after the observation of this computer failure, which affects many services, such as the civil registry and district town halls.” reported RTC Tele Liege.
Unfortunately, attacks against municipalities are becoming very frequent, in the US we observed a long string of ransomware attacks targeting municipalities of various sizes. The list of targeted municipalities includes City of Tulsa,City of Saint John, Albany, Atlanta, Baltimore, Florence, Knoxville, Lafayette, New Orleans, and more.
(SecurityAffairs – hacking, city of Liege)