Aftermath of the Huber Heights, Ohio Ransomware Attack

According to the Dayton Daily News, the government office of Huber Heights is one of multiple cities to experience a cyber-attack.  In November of 2023, the government office realized that a cyber-attack had occurred compromising data of 5,738 people. $800,000 has been issued on recovering information and rebuilding the city network. The ransomware attack has affected zoning, engineering, taxes, utilities, human resources, and economic departments. Early articles indicate they might have expected city systems to be down for a few weeks and $350,000.

Specifics of what caused the attack are unclear. What vulnerabilities were taken advantage of is unclear. However, systems weren’t restored until two months after the attack.

Some Governments Who Experienced Cyber Attacks Over the Past Year

• Washington County Pennsylvania was shut down after a cyber-attack that occurred in 2024.
• Dallas County, Texas experienced a ransomware attack in 2024.
• California State Worker Union experienced a ransomware attack in 2024.
• Colorado’s public defender’s office was shut down in 2024 due to cyber-attack.
• Beckley, West Virginia in 2024 experienced a cyber-attack.
• The Kansas Judicial Branch experienced a security incident in 2023.
• Maine Government had a vulnerability that was exploited in 2023.
• Oregon Department of Transportation was a part of global hack in 2023.

What We Can Learn

The Center for Internet Security, “The center found that malware attacks increased by 148%, while ransomware incidents were 51% more prominent during the first eight months of 2023 than they were during the same period a year earlier. Non-malware cyberattacks, in which hackers use the tools that already exist on a device or within software to take over a system instead of creating a custom tool that could be flagged as malware, increased by 37%. The report also documented a 313% rise in endpoint security services incidents, such as data breaches, unauthorized access and insider threats.”

Basic measures to ensure your company is taking precautions to find weaknesses to avoid being exploited.

1. Cybersecurity risk assessments are performed to look for company weak points.
2. Ensure your computer and phones are up to date and patches are installed.
3. If a system cannot be patched, ensure that it is separated and protected with added security protocols.
4. Work with a reputable Cyber Security company to have security monitoring that is automated.
5. Work with a reputable Cyber Security company to set up other best practices including limiting staff privileges, best practices, stay knowledgeable about the latest threats, etc.

The Cybersecurity and Infrastructure Security Agency (government agency) has put together a guide with more steps to help prevent cyber-attacks. Check it out here: #StopRansomware Guide

When planning for your cyber security needs, it is essential to find a cyber security company you can trust with your livelihood. Given the evolving tactics and tricks cybercriminals use, it’s important that the company you trust has the right tools, training and processes to protect your assets to keep your company working.

To receive a complete cybersecurity audit and discuss what vulnerabilities your company has, we invite you to reach out to us to us further.