Ransomware attacks in the City of Atlanta paralyzed affected several of its departments and paralyzed government websites that process payments and transmit court data.
According to the City of Atlanta, the first ransomware attack occurred on Thursday. According to Threatpost, an Atlanta government spokesperson noted that there ate still no updates to share.
The city published on its Twitter account that the city of Atlanta faces outages on a number of internal and external applications that are linked to customers.
The City of Atlanta is currently experiencing outages on various customer-facing applications, including some that customers may use to pay bills or access court-related information. Our @ATL_AIM team is working diligently with support from Microsoft to resolve the issue. atlanta.gov remains accessible. We will post any updates as we receive them. Thank you for your patience.
Richard Cox, an Atlanta Chief Operating Officer said that Atlanta is working together with the Federal Bureau of Investigation, the Department of Homeland Security, and Microsoft and Cisco’s security in order to respond to the attacks.
The city of Atlanta indicated that several departments were affected by the ransomware attack. However, the Atlanta Public Safety department, airport, water services are operating without incident. Moreover, payroll for city employees will not be affected by this attack.
The attack contained a ransom note and demanded 6 bitcoins (about $51,000) for all devices for keys to decrypt systems.
In addition, Cox confirmed that the city received a demand note, however, the contents of the demand was not confirmed.
Cox said that it is still investigating if employee details and personal data has been affected.
As a precaution, we are asking that all employees take the appropriate measures to ensure their data is not compromised. The city advises to monitor or protect personal information.
The Atlanta information management team advised City Hall employees not to use computers due to the potential risk.
It is worth to mention that Keisha Bottoms, Atlanta’s mayor, did not tell if the City will pay the ransom.
The city of Atlanta is only one of the most recent victim os ransomware attacks. For example, WannaCry ransomware attack paralyzed system across various markets in 2017.
In addition, a security researcher at WhiteHat Security, Rob Tate, noted that ransomware attacks targeting government utilities are likely to increase in the coming year.
One thing that strikes me about this incident is that it’s not too different than attacks we’ve seen before. In some cases, and seemingly in a case like this, the attacker did their homework, and would pick a number that they know the victim can afford to pay.