The city of Coeur d’Alene announced Monday it had detected malware in its computer network the day before.
Affected systems were taken offline as the city worked to “secure and restore services safely,” an email from the city said. The city’s website was inaccessible Monday, and Coeur d’Alene’s mayor, Jim Hammond, confirmed the city’s phone system was down.
The release told residents to expect delays from the city but said 911 and emergency resources remained in operation.
A Coeur d’Alene Police Department Facebook post on Sunday announced the department was facing technical issues, and administrative and regular business calls could not be routed. Emergency and nonemergency calls, handled by Kootenai County dispatch, were unaffected, the post said. The department was planning on a resolution by Monday.
According to the release, the city was actively monitoring the situation Monday, working with third-party cybersecurity and data forensics consultants, following industry best practices and developing a strategic plan to address the issue.
David Vosen, a cybersecurity instructor at Spokane Falls Community College, said Coeur d’Alene’s actions so far have been “pretty standard.”
“They realized that there was malware … so they stopped all services because they don’t know where the attack maybe came from,” Vosen said. “Part of it is you’re trying to stop the attack, but you’re also trying to make sure that you have evidence to figure out where this came from so it won’t happen again.”
The attack on Coeur d’Alene’s computer system could be coming from anywhere in the world, Vosen said. And technically, the attacker could have targeted any organization in the world.
Vosen said the attack isn’t surprising because government agencies are typically more vulnerable to cyberattacks than private institutions due to their obligation to share information and resources with their constituents.
“Usually, cyberattacks are attacks of opportunity. Cyber criminals are looking for easy targets, low-hanging fruit,” he said. “Educational institutions and government institutions are going to have some of the highest attack surfaces for criminals because we have to be open. We have to be public with our information.”
Citizens may pay their utility bills through a city’s website, and city governments often share staff contact information on the web.
“All those things also create an internal vulnerability,” Vose n said.
Vosen said he doesn’t know enough about the services Coeur d’Alene provides on its network or what city systems have been affected by the attack to say if city residents should be concerned about the safety of their information.
Still, “if they do have username and passwords associated with the city of Coeur d’Alene,” Vose n said of residents, “when they’re allowed, if they’re still allowed to go in and change their passwords, they should do that.”