Hayward City Council ratifies local emergency proclamation following cybersecurity incident
The Hayward City Council held a special meeting last Thursday to ratify a proclamation of local emergency in response to an ongoing cybersecurity incident in which intruders are attempting to disrupt and hold hostage City computer systems and networks. The proclamation shall be in effect for a period of seven days, by which time it must be ratified by the Council of the City of Hayward.
“As Director of Emergency Services, I have determined that the proclamation of a local emergency is warranted by virtue of the extreme peril to the safety of persons and property in the City caused by a cybersecurity attack, including attempts to disrupt and hold hostage aspects and components of City computer systems and networks,” Kelly McAdoo, City Manager/director of emergency services, wrote in the proclamation document.
It further ordered that all City officers and employees take all steps requested by the City Manager to respond to the current event, maintain critical city functions, and prevent any further attempts to disrupt City computer systems and networks. It also directed that all City officers and employees take all steps requested by the City Manager to qualify the City for reimbursement from insurance providers as well as state and federal relief as may be available to reimburse the City for the expenses it incurs in addressing the emergency.
Industrial Cyber has contacted officials at the Hayward City Council to gather information about the cybersecurity incident, including an estimate of the number of systems affected and the nature of these systems.
On Wednesday, the agency identified that a declaration of emergency allows for greater flexibility in executive decision-making, deployment of City employees, and acquisition of needed equipment, supplies and other resources. It also can be a prerequisite to and streamline reimbursement of certain costs associated with responding to the incident.
“Since discovery of the cyber intrusion early Sunday morning, the City has maintained essential services, including 9-1-1 emergency dispatch, police, firefighter and emergency-medical response, water and sewer operations, and maintenance services,” according to a statement. “Access to the City website and email traffic into City offices have been restored after being turned off as precautionary measures.”
It added that thus far, no evidence has been found of a breach or theft of private personal or confidential information of any current or former City employee, community member or other member of the public. “If that were to change, the City would contact the affected individual or individuals directly.”
The Hayward City Council said Tuesday that the City “restored public access to its official website today as it continues to assess and recover from a cybersecurity event in which intruders attempted to disrupt and hold hostage aspects and components of its computer systems and networks.”
At the time, it added that City 9-1-1 emergency dispatch and police, firefighter and emergency-medical response services remain operational, as they have remained since the cyber intrusion was detected early Sunday morning. “The same is true of City water and sewer operations and other essential municipal services.”
The City Council said that as a precaution, “email communication into the City was turned off Sunday morning but also has been restored as of today. As a consequence, however, email sent to City addresses Sunday through late morning today may not have been received and consequently the sender may not receive a reply.”
Earlier this month, the Port of Nagoya, Japan’s largest and busiest port, was targeted by ransomware, affecting container terminal operations. The port handles over two million containers and 165 million cargo tonnage annually, including operations of Toyota Motor Corporation for car exports. The port operator said Wednesday that it suspects a cyberattack.
Related
