Five Important Factors To Know About Atlanta's Glossed Over Cyberattack
"This is really an attack on our government, which means it's an attack on all of us," Atlanta mayor Keisha Lance Bottoms said.
Atlanta's computer network was thrown for a loop recently when it was invaded with ransomware. The quiet but extremely vital incident hasn't be apart of the news cycle, but is serving as a warning of what can happen in a paperless world.
On Mar. 22, a ransomware cyberattack shut down the City of Atlanta's system. The Department of Atlanta’s Information Management team first noticed some outages at 5:40 a.m. According to a statement from Richard Cox, the city’s interim Chief of Operations, the outages occurred in various internal and customer applications “including some applications customers use to pay bills or access court related information.” The New York Times has referred to the attack as “one of the most sustained and consequential cyberattacks ever mounted against a major American city.”
Officials are still scrabbling as they have not made a decision to pay the ransom or to just move on the best way they see fit.
Here's a brief in-depth guide to everything that went down, from then to now.
The Cyberattack Has Been Labeled As A Ransomware Attack
Ransomware is an attempt where malware is thrown into a computer system until money is paid. In this case, hackers demanded 6 bitcoins, which translates into $51,000. Newly elected mayor Keisha Lance Bottoms compared the incident to a hostage situation.
"Just as we wouldn't give away too much information if there was a physical hostage, we do have to be careful," she said strongly at a press conference Monday (Mar. 26). "I can tell you that we are working around the clock." Ransomeware is nothing new. Research from cybersecurity firm Bitdefender found that two billion was paid by victims in 2017 with ransoms passing the billion mark in 2016.
As time passes and technology gets smarter, ransomware has gotten harder to combat. Cyberscoop points out that the number can be higher since most ransomeware attacks aren't reported for a number of reasons like embarrassment. Companies like Equifax and Facebook have recently dealt with similar attacks. Uber also faced a similar breach in 2017 that flew under the radar.
Bottoms also mentioned she wasn't opposed to paying the ransom as "everything is up for discussion."
Officials Know Who Is Behind The Attack
SamSam is the strand of ransomware used in the attack and officials are certain that it will strike again. During the course of this year alone, the ransomware group behind the Atlanta attack has already extorted up to a $1 million in ransoms, according to The New York Times. Dell SecureWorks, a private company based in Atlanta, was called in to assist the city. Its President & CEO, Michael R. Cote was also present at the conference as he made it clear that a lot of work is still left to be done. “We are transitioning into the recovery phase to include the methodical restoration of critical system,” Cote said. "We still have a lot of work to do. We are beginning to move into the recovery phase. So there is multiple phases when you do an incident response investigation.”
The FBI Has Gotten Involved
In addition to Secure Works, the FBI, Homeland Security and the Secret Service are apart of the investigative group. The city's website features a F.A.Q, about the "cross-functional incident response team" and their plans to prevent future attacks. Educational partners from Georgia Tech have also been called in as reinforcements.
Atlanta Officials Are Filling Out Forms By Hand
Despite officials being told to turn their computers and printers back on Tuesday (Mar. 27), full service has yet to be restored. This means people are unable to pay their water bill or their parking tickets online. The city's 13 departments have been forced to do their jobs manually, by writing reports by hand.
No Personal Information Has Been Affected In The Cyberattack
So far, there is no proof showing that personal information was released. "We have not seen any evidence that personal information has been misused as a result of this incident. However, as always, residents are encouraged to take precautionary measures to maintain the safety and security of their personal information," said the City of Atlanta's website. Despite no personal information being released, experts like Andrew Green, an information security lecturer at Kennesaw State University, believe this should be a "wakeup call" for the rest of the nation. "And so, this is a wakeup call, potentially, that cities need to start looking at how seriously they’re taking their own cybersecurity posture,” Green told FOX News.
Atlanta city council member Howard Shook did share his sadness over losing a large amount of information and the longing for an analog system. “Stuff is lost. I’m a tiny little example, but my computers—the contents have to be euthanized," he told The New Yorker. “We’ll rebuild the contacts, but, for me, the lesson learned is: this longtime goal of moving to a paperless society looks a lot less exalted now than it did a week ago. I’d give anything for a hard copy of everything I lost.”