Malware infection poised to cost $1 million to Allentown, Pa.: Mayor

February 21, 2018 GMT

The city of Allentown, Pennsylvania, is expected to spend $1 million recovering from a recent malware infection that has caused the city to stop operating certain computer systems, its mayor said Tuesday.

Mayor Ed Pawlowski told city council members that a malware strain known as Emotet infected government computers last week and subsequently began self-replicating and stealing log-in credentials, including employees’ passwords, local media reported following Tuesday night’s council meeting.

“The city is not operating some of its systems as a precaution. The situation is under control, but it is not yet mitigated. Until it is eradicated, it has the potential to infect all city systems,” Mike Moore, Allentown’s communications director, told WFMZ-TV, the network reported Tuesday.

The malware was first detected on Feb. 13, and the city subsequently paid Microsoft an initial $185,000 emergency-response fee to contain the virus, Mr. Moore told the network.

Recovery efforts related to the incident may cost Allentown upwards of an additional $800,000 to $900,000, Mr. Pawlowski acknowledged, The Morning Caller newspaper reported.

“This particular virus actually is unlike any other virus. It has intelligence built into so it keeps adapting to our systems, thus evading any firewalls that we have up,” Mr. Pawlowski said.

Preventative measures in place kept Allentown’s finance department from completing external banking transactions and blocked the city’s police department from accessing Pennsylvania State Police databases Tuesday, the mayor said, according to the newspaper.

The virus targets Microsoft computers, the mayor added, including about 185 surveillance cameras located across the city, the newspaper reported.

Mr. Pawlowski declined to go into details about the malware Tuesday, citing concerns of a possible follow-up attack, the report said.

“I’m not trying to in any way shape or form hide anything from the public,” he told the newspaper. “But we just don’t want to divulge how we’re aggressively attacking this because if it is a hacker, they can always modify their attack.”

“We want to stop this hemorrhaging,” said Mr. Pawlowski, a Democrat.

Located in the Lehigh Valley of eastern Pennsylvania, Allentown boasted a population of roughly 118,000 residents in 2010, making it the Keystone State’s third most populous city after Philadelphia and Pittsburgh.

The FBI is investigating an Emotet infection discovered in December affecting Rockingham County Schools in North Carolina, school officials said last month.

Allentown’s technology director, Matthew Leibert, said the latest infection is under criminal investigation. The FBI did not immediately return a message addressing its potential involvement.

The FBI and the U.S. Department of Homeland Security previously found traces of Emotet on computers used by “Avalanche,” a global infrastructure network used by cybercriminals to conduct phishing campaigns and distribute malware, according to federal authorities.

Emotet was first detected in attacks suffered by the banking sector in 2014, and security researchers at Trend Micro reported a re-emergence in attacks last year.