2020 Public Sector Attacks in Florida

A Roundup of Cyberattacks Against Florida’s Public Sector in 2020 

The year 2020 has seen an increasing number of cyberattacks on a global level. The World Health Organization, Zoom, and Twitter are just some of the examples of massive organizations getting targeted by malicious actors. As we have seen in previous articles, the public sector is particularly vulnerable and often the target of these attacks. Due to the value of the information that the public sector accumulates on its citizens, students, patients, and employees, combined with often underfunded cybersecurity, such institutions present a lucrative target to cyberattackers. 

To put it into perspective, let’s break down some of the most notable cyber attacks that have occurred in the public sector in Florida in 2020. 

  • January 23, 2020 – The Tampa Bay Times fell victim to a ransomware attack. Luckily no sensitive information was stolen and no ransom was demanded as the Times chose not to respond to the hacker’s requests for communication.
  • February 10, 2020 – The North Miami Beach Police Department suffered a ransomware attack which caused the department to lose access to all their online files. The attackers reportedly requested $5 million for the Police department to regain access to their online information. This all happened after the system was allegedly updated in November of 2019 to avoid just such attacks.
  • March 2020 – The town of Jupiter was attacked with Sodinokibi ransomware, which shut down a number of the town’s online services for almost 3 weeks. These included the town’s email, online payment system, and records. Thankfully, the town was able to bypass paying any ransom and has since updated its systems to avoid further attacks. 
  • September 3, 2020 – Key West City Hall was left without computer access for over a week following a ransomware attack. City workers had to revert to pen and paper to complete their jobs as IT did their best to rebuild the collapsed system as quickly as possible.
  • September 3, 2020 – A series of cyberattacks left 275,000 students without proper access to online learning for a full week in Miami-Dade Public Schools. The school board was plagued by a series of distributed denial of service attacks (DDoS) – an overwhelming amount of false traffic on their network blocked actual users from accessing the server. The culprit was a 16-year-old student. This attack is just one of the 133 cyberattacks leveled at schools since 2016. 
  • September 29, 2020 – Universal Health Services, a hospital chain employing 90,000 people, was hit with a possible ransomware attack. The hospital chain, which has a location in Miami, did not disclose details but the attack had the makings of Ryuk ransomware. Operations at the healthcare facilities were slowed due to workers resorting to pen and paper.
  • October 2020 – Hospitals in Florida remained on high alert as they were warned of potential cyberattacks, due to the ongoing COVID-19 pandemic. The CISA and FBI alerted them after a number of other hospitals nationwide were targeted but, perhaps thanks to their vigilance, there were no particular attacks reported. 
  • November 24, 2020 – The Levy County sheriff’s office was attacked for the second time in 2020. All the phone lines remained occupied and rang non-stop, with nobody on the other side when the phone was answered. The Sheriff’s Office was forced to shut down all non-emergency lines and commence a $160,000 system upgrade to mitigate future attacks. The attack was allegedly traced back to a terrorist in Gaza.

Though cyberattacks may have been aggravated due to the Covid-19 Pandemic, it is important to remember that such attacks can happen to any organization, no matter the size or importance. One of the easiest ways for hackers to infiltrate a system is through the people working there, whether they are aware of the attack or not, using ransomware. Practicing safe online behavior can mitigate a lot of the risks. Vigilance and a rounded cybersecurity strategy are key to mitigating risk.