The cyberattack on St. Helena, California prompted officials to shut down the Public Library and restrict computer system usage at City Hall. Network irregularities were first noticed around 7 a.m. on Monday, May 13. St. Helena is collaborating with the Northern California Computer Crimes Task Force, specializing in computer forensics for law enforcement. Initial assessments indicate the cyberattack compromised over 20 computers and a network server.
A task force of law enforcement cybersecurity experts, including members of the FBI and the United States Secret Service, responded to the attack. Investigations revealed that St. Helena’s antivirus system had blocked multiple attacks starting around 1:30 a.m. on Monday. The virus resembled one used by a “known group” targeting other California cities, similar to a previous attack on Oakley in February.
Approximately 50 miles south of St. Helena, two cities in Contra Costa County experienced their own cybersecurity incidents within the same week. These reported cybersecurity issues occurred in late February of 2024, within the cities of Oakley and Pleasant Hill. Oakley reported a ransomware attack, prompting the activation of its Emergency Operations Center and IT had taken affected systems offline. Meanwhile, Pleasant Hill detected and isolated an intrusion into its computer infrastructure. Both Oakley and Pleasant Hill assured residents that essential services remained operational, with ongoing investigations to assess and mitigate the extent of the breaches. These attacks occurred the same day in Contra Costa County, however, it is still unclear if they’re connected.
Just two months later a similar attack occurred in St. Helena. The city began to experience network irregularities around 7 a.m., leading officials to notify the city’s IT contractor. Around 9:30 a.m., administrators from the city’s Emergency Operations Center convened and decided to close the St.Helena Public Library. The library had experienced disruptions before, including phone outages, Wi-Fi issues, and disruptions to virtual services.
The city of St. Helena was fortunate that many of the systems were cloud-based, therefore unlikely to get compromised. St. Helena relies on over 25 cloud systems, some of which store sensitive data for employees, businesses, and residents. The city confirms that all files were backed up on Sunday, the night before the attack, as part of its cybersecurity and business continuity strategy.
Despite the backup measures, cybersecurity experts estimate it may take 24 to 72 hours to clear systems and restore files. As of over a week after the attack there has been no update on file restoration. Fortunately, critical infrastructure such as water and wastewater plants or emergency services were unaffected, as they operate on separate networks.
This security breach underscores the importance of data protection. That’s why Consortium Networks offers cybersecurity solutions, assisting clients in safeguarding their information. Consortium Networks serves as the trusted Cyber Concierge, committed to providing expertise, product information, and reviews to help clients address cybersecurity challenges effectively.
Cultivating a World Where Salespeople are Allies, not Adversaries