Tulsa Shuts Down Systems Due to Double-tap Ransomware


The Whistler attack and the Tulsa attack are believed to be double-tap ransomware hacks. This means that, in both cases, files are immediately encrypted and then data is stolen.

Although Tulsa claims no customer information has been breached, if true, that would be surprising. The point of a ransomware attack is to hold private data for ransom.

“Ransomware continues to be a prolific threat to our local, state, and federal governments, as well as essential critical infrastructure like we have seen with the recent Colonial Pipeline attack,” says James Carder, the chief security officer at security intelligence company LogRhythm Inc. and vice president of the LogRhythm Lab.

 “Unfortunately, governments will continue to be sought-after targets for hackers because of the public nature and significant impact, the plethora of rich information that can be leveraged, and the often-inferior defenses that allow easy exploitation,” Carder adds.

Government entities now understand that there is an increasing possibility of ransomware attacks. And they should take steps to prevent them, Carder pointed out. “The attacks we have seen over the last 72 hours are a marked escalation to what was an already major threat,” he said.