- The City of Atlanta fell victim to a ransomware attack on Thursday morning, which encrypted some city data and caused outages across a number of departments.
The City of Atlanta is currently experiencing outages on various customer facing applications, including some that customers may use to pay bills or access court-related information. We will post any updates as we receive them. pic.twitter.com/kc51rojhBl— City of Atlanta, GA (@Cityofatlanta) March 22, 2018
- In a press conference, Mayor Keisha Bottoms and newly-appointed COO Richard Cox said it is unclear the extent to which the city and its residents have been affected. Cox said the city's public safety department, water services and airports are operating without incident.
- The city is working with the FBI and the Department of Homeland Security, as well as external partners from Microsoft and Cisco's cybersecurity response team, to investigate the situation.
Though Atlanta officials are working quickly to take action on the situation and notify the public of any potential risks, it is evident operations could be compromised for some time as the city combats the attackers. CNN and 11Alive have reported the ransom demands bitcoin for $6,800 per unit, or $51,000, to unlock the system. When asked during the press conference if the city would pay the ransom, Mayor Bottoms said she "can't speak to that right now."
Bottoms and Cox both addressed the press with an air of confidence and assurance, despite being fairly new to the city's government. Bottoms took office in January while Cox, who used to work in the private sector at Cox Automotive, was appointed in mid-March. "I've never had a more interesting week to begin a job," Cox said during the press conference.
Atlanta CIO Daphne Rackley was also present at the briefing to address overall security matters across the nation, noting that cyber attacks are "not a new issue to the state of Georgia or to our country." The city has tried to be proactive in reducing its vulnerability to such attacks — Rackley notes that its "cloud first" software strategy is a "reflection of intent to take [cybersecurity] seriously" — though it's likely more could have been done to prevent the situation. While the city has a department of information management, it lacks a chief privacy officer or a dedicated cybersecurity office to be tasked with developing more proactive measures.
Moving forward, Atlanta can also learn from cities across the nation that have fallen victim to similar attacks. In late 2016, the San Francisco Municipal Transportation Agency found malware on its computer systems, and earlier this year, the city of Leeds, AL was forced to pay $12,000 in bitcoin after its system was hit with a ransomware attack for a number of days. While hackers gradually become more stealthy and difficult to combat, cities must also work to become smarter and prepared for an attack on any city-owned system.