Looking on social media and the news, I just noticed the announcement that the City of New Orleans was targeted by a cyberattack. They took down the website and that the employees there were instructed to unplug their computers.So far not that much is known, this was published on Twitter earlier today.
With the information about that employees were instructued to unplug their computers would most likely indicate a ransomware attack inside their network. Looking a bit more at some of the services they are using it seems like they have only published SPF and not using DMARC for email. Also using Barracuda email gateway for incoming SMTP traffic? Could it be that this started with an email like many others before?
Update: Now apparently the Mayor of New Orleans says ransomware has been detected in the cyberattack on city, but no ransom demands seen