City officials confirm that Atlanta is dealing with a cyberattack that has locked down internal systems and is holding them hostage using ransomware
The City of Atlanta’s computer network has fallen victim to a ransomware attack that has encrypted some of the city’s data, mayor Keisha Lance Bottoms announced at a press briefing on Thursday.
While the full extent of the compromise is still under investigation, the attack is known to have cut off some of the city’s online services, including “various internal and customer-facing applications” used to pay bills or access court-related information.
In addition, the mayor encouraged the city’s employees and anyone who had conducted transactions with the city to keep tabs on their bank accounts in case their personal information may have been misused.
New Atlanta Chief Operating Officer Richard Cox, who only started in the role this week, said that several departments have been affected. The departments responsible for public safety, water and airport services are operating as normal, however. He says the city has not received further communications from the attackers since the original ransom note.
Local news channel WXIA showed a screenshot of an alleged ransom message that had been shared by a city employee. The note demands 0.8 bitcoin (roughly $6,800) per computer or 6 bitcoin ($50,000) for keys to unlock the entire system.
The city learned of the attack at around 5:40 am local time on Thursday, when the city’s IT security team noticed “something that looked peculiar” on a server and began investigating, the city’s acting Chief Information Officer Daphne Rackley was quoted as saying.
As for whether the city would pay the ransom, the mayor said that the city would seek guidance from federal authorities on “how to best navigate the best course of action”.
written by Tomas Foltyn, ESET We Live Security