Atlanta Hack Highlights Ransomware Dangers

The crippling attack on Atlanta's network shows that local governments need to “start considering cybersecurity on the same level as public safety.”
Matthew HellerMarch 28, 2018

The city of Atlanta is still struggling to recover from a devastating cyberattack that its mayor has compared to a “hostage situation” and security experts say is a reminder of the vulnerabilities of government computer networks.

The ransomware attack on Thursday targeted Atlanta’s online systems, shutting down computers and printers. Mayor Keisha Lance Bottoms has said the hackers had asked for $51,000, but there has been no formal confirmation of a ransom amount.

Even though the city’s computers are now back on, The New York Times reports, residents still cannot pay their traffic tickets or water bills online, or report potholes or graffiti on a city website. Travelers at the world’s busiest airport still cannot use the free Wi-Fi.

Drive Business Strategy and Growth

Drive Business Strategy and Growth

Learn how NetSuite Financial Management allows you to quickly and easily model what-if scenarios and generate reports.

“This is much bigger than a ransomware attack,” Bottoms said. “This is really an attack on our government, which means it’s an attack on all of us.”

According to The Times, the assault on Atlanta represents “a serious escalation from other recent cyberattacks on American cities, like one last year in Dallas where hackers gained the ability to set off tornado sirens in the middle of the night.”

A 2016 survey of chief information officers found that ransom was the most common purpose of cyberattacks on a local government, accounting for nearly one-third of all attacks, but less than half of the governments surveyed said they had developed a formal cybersecurity policy.

Local governments need to “start considering cybersecurity on the same level as public safety,” David Jordan, the chief information security officer for Arlington County, Va., told The Times. “A smart local government will have fire, police and cybersecurity at the same level.”

Security experts have identified the Atlanta assailants as the SamSam hacking crew, a notorious ransomware group that is believed to have extorted more than $1 million from some 30 target organizations in 2018 alone. Criminals made more than $1 billion from ransomware in 2016, according to the F.B.I.

The shutdown of Atlanta’s network forced police officers to write reports by hand and all applications for jobs with the city were suspended until further notice.