Ransomware attack on Akron, Ohio takes down 311 service amid major snowstorm

State and federal officials are investigating the attack, though the city says it did not affect its storm preparations or ability to get the streets plowed.
Snow plows amid falling snow
(Getty Images)

Officials are investigating a ransomware attack that caused Akron, Ohio, to take down several city services, including its 311 public-information hotline and credit-card payments at numerous municipal agencies.

The attack was detected Jan. 22 when workers in the city’s information technology office “became aware of suspicious activity on the city’s network,” an Akron press release reads. The IT agency notified Akron police and began taking some systems offline.

Akron officials also halted credit card payments at its recreation, building and taxation departments, while the municipal courthouse reverted to “traditional” recording devices. The city’s water and sewer utilities were still able to take credit card payments.

The city did not specify the amount of ransom demanded.


The attack is being investigated by city, state and federal officials, including the FBI and the Ohio National Guard’s cybersecurity team. The strain of ransomware is also not being made public. Akron spokeswoman Ellen Lander Nischt told StateScoop that the FBI identified it as something it has investigated before, though she said it was not the SamSam virus, which has been seen in a string of cyberattacks dating back to December 2015 — including a major incident against the Atlanta municipal government — that the U.S. Justice Department charges is the work of two Iranian citizens.

Also still under investigation is how the ransomware infected Akron’s computer system in the first place. Investigators looking into the attack are taking computers offline as they search for the origin point, Lander Nischt said.

“We don’t have an idea for ground zero,” she said.

The 311 service went down just as a massive snowstorm walloped Northeast Ohio with more than one foot of fresh powder, leaving Akron residents without the ability to call the city to ask when their streets would be cleared. Lander Nischt said the ransomware attack did not affect the city’s storm preparations, saying all streets were salted and later plowed.

“While this incident is ongoing, all current intelligence indicates that we were well-equipped and well-trained to address this malicious attack and that our employees took timely and appropriate action to prevent an attempted theft,” Akron Mayor Dan Horrigan said in the city’s press release. He added that the city has spent $9 million on IT upgrades since 2016.

Benjamin Freed

Written by Benjamin Freed

Benjamin Freed was the managing editor of StateScoop and EdScoop, covering cybersecurity issues affecting state and local governments across the country. He wrote extensively about ransomware, election security and the federal government’s role in assisting states and cities with information security.

Latest Podcasts