One Click and Silence — Cities Vanish from the Grid One by One
While citizens paid their taxes, hackers took the entire network with them.
Over the past week, hackers have launched a series of cyberattacks on government institutions in Oklahoma, Ohio, and Puerto Rico, disrupting critical services ranging from digital payments to court systems. One of the hardest-hit areas was Durant, a city of over 20,000 residents.
According to city officials, Durant’s systems were struck by ransomware. As of Tuesday, the official city website remained offline, and residents were unable to use digital payment platforms. In a social media post, local authorities confirmed that recovery efforts were underway with the assistance of law enforcement. Meanwhile, the city's police department also experienced disruptions in its communication center. The 911 service remains operational, though network issues may lead to increased response times.
Durant, the capital of the Choctaw Nation and the largest community in its reservation territory, is the latest in a series of attacks targeting Native American tribes. Earlier this year, tribes in Minnesota and Michigan were attacked, with the RansomHub group claiming responsibility.
Another city affected earlier was Abilene, Texas, where an attack began on April 18. The city’s infrastructure was completely paralyzed. Local officials reported receiving threats from the attackers regarding the leak of 477 GB of data tied to 130,000 residents. Despite the threats, the city refused to pay the ransom. A full replacement of IT infrastructure — from servers and storage to all workstations — is currently underway, a process expected to take several months, according to the city’s Chief Information Officer.
Just two days after the Durant incident, a similar cyberattack occurred in Lorain County, Ohio, home to more than 315,000 people. Authorities reported a network incident that disabled dozens of systems. Impacted segments were urgently disconnected, and court operations were suspended. While the 911 emergency service remained functional, operations of other departments were heavily affected. Later, courts resumed work, and an external cybersecurity contractor was brought in for investigation and recovery.
The Lorain incident continues a worrying trend in the state. In January, a cyberattack shut down the Cleveland Municipal Court for several weeks, and in summer 2024, more than half a million residents in Columbus were affected by a massive data breach.
Meanwhile, in Puerto Rico, cybercriminals targeted the Department of Justice. According to local media, the attack compromised the system used by the Criminal Justice Information Center. The department, in coordination with Puerto Rico's Office of Innovation and Technology Services, implemented threat containment measures and suspended services such as the issuance of criminal background checks. Full restoration will begin only after a comprehensive security audit, they stated.
U.S. federal agencies, including the FBI and CISA (Cybersecurity and Infrastructure Security Agency), have not confirmed involvement in the investigations, despite previously assisting Puerto Rico during a similar attack that affected its water supply authority.
These escalating incidents underscore just how vulnerable government institutions remain to organized cyber threats, particularly in regions with limited resources and outdated IT systems. The damage from such attacks extends far beyond technical disruptions — they directly impact citizens by cutting off access to essential services.
These ongoing assaults on critical infrastructure highlight the urgent need to strengthen protections for public systems and improve coordination between federal and local governments in the field of cybersecurity.
