Devastating Ransomware Attack Hobbles Atlanta
Days after hackers released ransomware on Atlanta’s municipal computer network, sending employees back to the days of pen and paper, the city has struggled to return to normalcy.
The hacking group SamSam demanded a ransom of $51,000 paid in bitcoin to unlock the system. The group locks up its victims’ files with encryption, temporarily changes the file names to “I’m sorry” and gives the victims a week to pay the ransom before the files are made permanently inaccessible. It has been called one of the most sustained and consequential cyberattacks to ever hit a major American city.
While some vital systems weren’t infected – such as 911 and wastewater treatment controls — other functions weren’t so lucky. The Atlanta Municipal Court has been unable to validate warrants, city residents have been unable to pay bills online, government employees were down to using pen and paper for work, and travelers were warned away from using the Atlanta airport’s free wifi, while
Though this was a particularly effective attack, it’s far from rare. A 2016 survey of CIOs found that obtaining ransom was the most common purpose of cyberattacks on a city or county government, accounting for nearly a third of all attacks.
Atlanta officials have admitted this is a wakeup call to make cybersecurity a higher priority. Other cities are already using the Atlanta attack as a valuable lesson to avoid becoming a potential target themselves.
Ross Albert, Assistant Vice President of Organizational Resilience, Security Risk Management for Hub International Limited, presented “The Future of Ransomware and Social Engineering” at DRI2018 in Nashville, TN. You can download the presentation from the DRI Resource Library. Click here to log in.