The City Of Atlanta Victimized By Ransomware Attack
Yesterday, the city of Atlanta was victimized by a widespread Ransomware attack.
According to Chief Operating Officer Richard Cox, the outage of internal and customer-facing applications started at 5:40 a.m. Bill-payment applications, including portals to access court information, were compromised by the attack.
Mayor Keisha Lance Bottoms is urging city employees as well as members of the general public to pay close attention to their bank accounts and take proactive measures to protect their data.
According to Atlanta NBC affiliate WXIA, a city employee sent the station a screenshot of the Ransomware message, in which hackers demanded a $6,800 ransom to unlock each end user’s computer, or a $51,000 lump sum to unlock all affected systems.
The city’s IT department emailed employees instructing them to unplug their workstations if they noticed anything out of the ordinary.
— City of Atlanta, GA (@Cityofatlanta) March 22, 2018
The Ransomware attack on Atlanta was discovered by the city’s IT security team, which noticed irregular activity on the server.
The city of Atlanta is currently cooperating with the FBI, the Department of Homeland Security, and private cybersecurity providers to determine the root of the Ransomware attack.
When asked if the city would pay a ransom to resolve the problem, Mayor Bottoms said the city would seek guidance from federal authorities on the best course of action.
Experts say the screenshot sent to WXIA closely resembles a message from Samsam, a variant of Ransomware that infected a string of hospitals a little over two years ago. Those cyber attacks exploited a de-serialized Java vulnerability in application servers.