The data troubles in the city of Atlanta, Georgia, would be top national news if the media were not so interested in promoting porn stars. Atlanta has had its entire city computer system locked down by a ransomware hacker and is considering paying a $51,000 ransom to get access back to its system.
This news is actually pretty shocking and really should be a national story. Imagine the threat that this represents. Atlanta is one of the nation’s largest cities and if big cities like this can lose control of their entire computer systems like Atlanta has, this is a danger to all Americans.
Make no mistake, either. Atlanta doesn’t have any more or less vulnerable computer system than any other city. Nearly every city in the U.S. (and the federal government for that matter) have antiquated computer systems running them. Few of them are up to scratch security-wise.
This means that every U.S. city, from the smallest to the biggest, is in danger of hackers like this.
According to CBS News:
The use of ransomware, which lets hackers seize control of computers belonging to individuals, businesses and local governments, has been on the rise in recent years. In 2017, U.S. officials blamed North Korea for the massive “WannaCry” ransomware attack on hospitals, financial firms and other companies.
More than 1,200 ransomware incidents were detected every day last year, according to a new report from security software firm Symantec.
So, just what the heck is going on down in the “Big A”? Well, it certainly is a mess, that is for sure.
According to NPR, the city is still struggling to figure out what to do about the hackers who have locked them out of their systems. They are supposedly working with the FBI’s cyber bureau, but in many cases the FBI hasn’t been able stop the hackers and victims have just had to pay up to regain control of their systems.
City Mayor Keisha Lance Bottom tried to assure the city that officials are working to improve cybersecurity.
“There’s a lot of work that needs to be done with our digital infrastructure in the city of Atlanta and we know that year after year, that it’s something that we have to focus on and certainly this has sped things up,” Bottom said.
As City of Atlanta officials and our federal partners continue to work around the clock to resolve issues related to the recent ransomware cyberattack, the Municipal Court does not have the ability to process ticket payments (online or in person). @ATLCourt pic.twitter.com/PnNKYmaRj2
— City of Atlanta, GA (@Cityofatlanta) March 26, 2018
But WABE reporter Tasnim Shamma noted that things are no where near settled: “Many city employees have been without access to Internet and email since Thursday after hackers locked some of its systems and demanded a $51,000 payment. The city says it completed part of its investigation of the cyberattack, but it’s working on restoring full service.”
Officials insist that police, fire, and other safety services are not compromised, but it isn’t likely they’d be say so if it really was a problem.
Atlanta is not the only local city that has been hacked. The nearby suburb of Loganville has also suffered a cyber shutdown.
On March 26, the city posted this Facebook notice:
“At this time it is still speculation that our servers were breached and any personal information was accessed,” Loganville spokesman Robbie Schwarztold the Atlanta Journal Constitution. “Until we have confirmed details from the cyber security team that was hired, who will act on our behalf to notify the proper authorities – which includes the Department of Homeland Security and possibly the FBI – we have no additional information to provide regarding this matter.”
The city has not yet been very forthcoming about its data breach. As AJC notes:
Few other specifics about the possible breach or its potential effects were released. The post did not mention ransomware, which a believed hacker has used to hold the city of Atlanta’s online systems hostage since late last week.
Schwarz said Monday that the city’s “ability to provide services to our customers has not been impacted.”
“We do not know the extent of the breach so it is impossible to know how many people are affected,” Schwartz said in an email Monday night.
Loganville said it also has retained a computer forensics company to assess the breach. It is also conducting “a thorough review of the potentially affected records, as well as its cyber security protocols.”
The city encouraged those who could be affected to monitor their banking accounts and credit reports.
This isn’t the first time that Atlanta had its computer systems breached. According to ZDNet, Atlanta was infected back in 2016, too, leaving it vulnerable.
New data provided by Augusta, Ga.-based cybersecurity firm Rendition Infosec, seen by ZDNet, shows that the city’s network was silently infected last year with leaked exploits developed by the National Security Agency.
The cybersecurity firm’s founder Jake Williams said at least five internet-facing city servers were infected with the NSA-developed DoublePulsar backdoor in late April to early May 2017.
That was more than a month after Microsoft released critical patches for the exploits and urged users to install.
The NSA exploits were stolen in 2016 in one of the biggest breaches of classified files since the Edward Snowden disclosures. The hackers who stole the exploits, known as the Shadow Brokers, attempted to auction off the files but failed.
Folks realize what this all means… we are all so used to seeing TV shows and movies where our security people and government officials are able to put an end to the bad guys with their computer expertise. And yet, here we have two cities AND the FBI completely unable to put an end to this cyber attack in Atlanta.
It appears that all these hackers want is money, fortunately, but imagine if they had more nefarious goals in mind? Atlanta and Loganville would be completely up a creek.
This whole situation should serve as a wake up call to every single unit of government all across the country.
Sadly, you can bet no one is paying attention.