Newsletter
City Hall Building in Atlanta, Georgia
Image: City Hall Building in Atlanta, Georgia.

Cyberattack Cripples Atlanta Municipal Worker Computers

by -
Image: City Hall Building in Atlanta, Georgia.

Municipal workers were finally able to start using their computers again following widespread cyberattack.

Atlanta residents were still required to wait before their digital services became available.

City of Atlanta Hacked

The 8,000 people employed by the City of Atlanta in the United States finally received the go-ahead to start using their computers again. This was the first time the workers could access their desktops after a massive hack breached the municipality.

However, even as municipal workers were able to get back to work, residents remained unable to access municipal digital services. This meant that they were unable to pay their water bills or traffic tickets and could not report issues such as vandalism and potholes. Furthermore, Wi-Fi remained unavailable at the Hartsfield-Jackson Atlanta International Airport, the busiest airport on the planet.

It all started when the municipal government was struck by a ransomware attack. It was one of the most significant cyberattacks with one of the greatest impacts ever to occur against a major city in the United States.

Government Vulnerability

This success was a clear demonstration on government vulnerability due to reliance on computer networks. Governments need their networks in order to complete their daily functions. This ransomware attack stopped the Atlanta municipal government from being able to operate on its computer network. The attackers demanded a ransom in order to have its computer systems unlocked.

“We are dealing with a hostage situation,” said Atlanta’s mayor, Keisha Lance Bottoms. The attack on this massive American city represented a considerable escalation over prior attacks against U.S. municipal governments. Last year, cybercriminals were able to hack into the Dallas, Texas municipal government’s system, sounding tornado sirens overnight.

SamSam

Atlanta’s government worked with Dell SecureWorks threat researchers. The Atlanta-based team assisted the city in its response to the attack. They discovered that the cybercriminals behind the attack were the SamSam hacking crew. They are among the most active and meticulous among the known ransomware attackers.

SamSam often selects its targets among those that are most likely to pay its sizeable ransom demands. On average, they insist on around $50,000 paid in Bitcoin. They function by locating and locking out the most crucial data of their targets.

Officials in Atlanta said the ransom demands for this latest attack equated to about $51,000 in Bitcoin. Certain major systems – such as the emergency 911 lines and wastewater treatment facilities – were not impacted by the attack. That said, other major systems were left inaccessible for several days. The mayor has yet to state whether or not the ransom was paid.

Note: The opinions expressed in this article are the author's own and do not necessarily reflect the view of Alvexo on the matter.