Over two years ago, the city of Joplin was hit with a ransomware attack.
As a result,the city council allocated more resources to reduce the chances of another attack in the future.
KRPS’s Fred Fletcher-Fierro reports we got an update Monday on how the response is going.
The attack took place in early July of 2021, it wasn’t publicly disclosed until the following month although city employees and staff knew something was wrong when phone systems quit working, they couldn't log into their work computer and were paid by check instead of direct deposit.
Joplin officials said at the time the city was insured for the hack and paid $320,000 to reclaim control of their network.
Mark Morris, head of IT for the city of Joplin says he is still using the cyber-attack as a learning opportunity.
“So, on to the phishing campaign. First week of October, I decided that I would put out two different emails. I kind of wondered sometimes if we send out one email by the second hour the emails would go out, you know 75 an hour to the employee base, by about 11 o'clock everybody's saying, hey don’t open that email.”
Morris reported that out of 400 phishing emails sent to Joplin City employees, 26 employees clicked on the link. Eight of those employees entered their email and password into a fake portal setup by Ravenii, Joplin’s cyber security contractor; another 15 employees reported that the email was phishing.
The employees who entered their online credentials into the fake portal were awarded immediate cyber security training.
Copyright 2023 Four States Public Radio. To see more, visitFour States Public Radio.
