Atlanta’s ransomware attack: Police dashcam video archives lost forever


The city has spent $5 million to restore files, rebuild impacted systems, and harden its cyber-defenses.

The ransomware attack that compromised much of the computer infrastructure of Atlanta’s municipal government in March 2018, has resulted in the loss of years’ worth of footage collected by dashboard-mounted cameras in the city’s police cars, according to WSB-TV channel. For the most part, however, the city, including its Police Department, has gradually restored its systems.

“That is lost and will not be recovered, so that could compromise, potentially, a DUI case if the officer’s testimony is not where it needs to be,” Atlanta Police Chief Erika Shields said about the dashcam video archives. She hastened to add, however, that she’s not overly concerned by that, because such footage, no matter how useful, “doesn’t make cases for us”.

The cyberattack, which we covered shortly after it broke out in March, may have had more consequences for the police force, however. Investigator Matthew Condland said last week that he was unable to furnish a key piece of evidence after the ransomware corrupted all of his 105,000 files.

In her response, however, Shields was quoted as saying by the Atlanta Journal-Constitution that the matter was isolated to that particular investigator and that all criminal case files were preserved on the city’s servers.

The incident did not compromise other kinds of video evidence, such as recordings captured by police body-worn cameras.

Hackers used a ransomware strain called SamSam to hold much of the city’s computer network hostage. The attack brought many of the city’s technological operations to a screeching halt, forcing some departments to revert to pen and paper.

The attack affected various internal and customer-facing applications used to pay bills or access judiciary and public records systems. Hartsfield-Jackson Atlanta International Airport wasn’t affected, but, as a precaution, it shut down its free Wi-Fi network and disabled some of its website’s functionalities.

The cybercriminals demanded 0.8 bitcoin (worth roughly $6,800 at the time) per computer or 6 bitcoin ($50,000) for keys to unlock all computers. In keeping with the FBI’s recommendation in such cases, Atlanta refused to pay up.

The city has awarded nearly $5 million in contracts to deal with the aftermath of the attack and to improve its cybersecurity posture.

written by Tomas Foltyn, ESET We Live Security


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s