Ransomware Attack Sends City of Wichita Back to Pen and Paper

The city of Wichita in the US state of Kansas has issued a notice informing citizens that multiple municipal systems are down, and will remain so for a while, due to a ransomware attack.

“We regret to report that certain online City services may be unavailable as we thoroughly review and assess an incident that affected some of our computer systems,” according to the notice, posted by the city on May 5.

“As part of this assessment, we turned off our computer network. This decision was not made lightly but was necessary to ensure that systems are securely vetted before returning to service,” the memo reads.

The city reveals it was hit by a ransomware attack, which prompted it to shut down some computer networks and systems to prevent the spread of the malware.

The notice assures Wichita residents that public safety is the city’s no. 1 concern. The police and fire departments are responding to calls for service but cannot use technology for the time being, and have reverted to pen and paper. The same goes for other city services and systems.

An update to the notice assures Wichita residents that water systems are functioning normally. However, bills, fines and other types of payments must be made in person, by check or cash.

It’s currently unclear what data (if any) has been compromised in this attack.

“Detailed assessments of these types of incidents take time,” city officials say. “We thank you for your patience, understanding, and respect for the integrity of this review process.”

The group responsible for the attack remains unknown, though the city’s wording indicates it has an idea who is behind the attack: “This is not being shared for operational security purposes,” reads the FAQ.

The wording may also suggest the city is in negotiations with the threat actor, and may be considering paying ransom to restore systems and prevent data leakage on the underground web.

As is the case with most ransomware attacks of this scale, some data has likely been compromised and may soon appear on the ransomware operators’ leak site if no agreement is reached between the attackers and the victim.

If you’re a Wichita resident, be wary of unsolicited communications via text or email. Threat actors are known to use personal data stolen in ransomware attacks to build phishing lures and scam the populous.

For peace of mind, consider using a data monitoring service like Bitdefender Digital Identity Protection. DIP lets you instantly find out if your data has leaked online, what type of information was compromised, what risks you face, and whether your information is up for sale on the dark web.