Atlanta City Government Hit With Crippling Ransomware Attack

In an unprecedented attack on the IT systems of a major municipal government, hackers are demanding ransom payable in bitcoin after seizing control of computers belonging to the Atlanta city government, AFP reports.

The ransomware assault shut down multiple internal and external applications for the city, including apps that people use to pay bills and access court-related information, Mayor Keisha Lance Bottoms told a news conference Thursday.

The attack also impacted the city's emergency-response services - forcing dispatchers answering 911 calls to take down reports with paper and pen.

"This is a very serious situation," Bottoms said.

City officials said they learned of the attack before dawn Thursday when they detected unusual activity on their servers and discovered that some of the city's data had been encrypted without their consent.

Shortly after, the city government received a ransom note giving instructions for paying to free up files encrypted by the hackers.


The hackers - perhaps having learned from the relatively small take received during previous ransomware attacks like last year's infamous "WannaCry" global assault - are demanding the city pay a relatively modest ransom: Six bitcoins - or about $51,000.

Newsweek reports that a note provided to city officials included step-by-step instructions on how to pay. It linked to a website URL hosted on the dark web. But at a press conference led by Bottoms, officials told the public they are still assessing the extent of the attack.

"The City of Atlanta has experienced a ransomware cyberattack," confirmed chief operating officer Richard Cobbs during the briefing. "This attack has encrypted some of the city data, however we are still validating the extent of the compromise."

A statement released to the public read: "The City of Atlanta is currently experiencing outages on various internal and customer facing applications, including some applications that customers use to pay bills or access court-related information."

"At this time, our Atlanta Information Management team is working diligently with support from Microsoft to resolve the issue," it added. "We are confident that our team of technology professionals will be able to restore applications soon."

Bottoms demurred when asked whether the city is contemplating paying the ransom.

On the option of paying the ransom, Bottoms said: "We can’t speak to that right now, we will be looking for guidance specifically from our federal partners on how best to navigate the best course of action. Right now, we are focused on fixing the issue."

"The explanation is simple, we don’t know the extent. I would ask that people assume you may be included if personal data has been breached. We don’t know if it's information related to just our employees or if it’s more extensive than that. Because we don’t know, I think it would be appropriate for the public to be vigilant checking their accounts and making sure credit agencies can also be notified."

The FBI warned in 2016 that victims of ransomware attacks should refrain from paying ransoms, explaining that it would not guarantee that their data would be released, and, furthermore, would only embolden criminals.

The WannaCry attack hit more than 200,000 companies, hospitals, government agencies and other organizations in 150 countries, but most of the victims opted to let their data be erased rather than pay the ransom.

The FBI and Department of Homeland Security are investigating.

WannaCry, Petya and other major ransomware attacks were carried out using NSA cyberweapons that were stolen by a group called the Shadow Brokers, who have been selling a cache of NSA weapons to whoever is willing to buy them - even launching a subscription service last year. It's unclear what type of ransomware is being used in the Atlanta attack.

Comments

philipat philipat Fri, 03/23/2018 - 22:46 Permalink

Um, backups? And there is a lot of inexpensive (and free) software to protect against this. But, of course, this is Gubmin so, yeah...

And this, of course, on top (no pun intended) of the recent ATL problems. Atlanta does seem to have more than its fair share of "issues" recently? Remind me again who runs Atlanta?

In reply to by philipat

Croesus are we there yet Fri, 03/23/2018 - 23:20 Permalink

It's amazing to me, that "The People" continue to have ANY faith in government, at all.

Between the corruption, endless lying, outright criminality, and sheer ineptitude, a thinking person has to ask themselves, "How much longer, can this 'Merry-go-round of Idiocy' continue?"

At what point, does the realization suddenly hit people, that they're placing way too much trust in the wrong kinds of people?

The fact that political gridlock prevents anything meaningful from being accomplished, coupled with the aforementioned problems, is exactly the fuel that gives rise to dictatorships.

Maybe that's part of the plan.

Anyway, some suggestions for you, if you're like me, and really care about your privacy:

If you haven't already done so, consider placing a freeze on your credit with the 3 main agencies, providing you do not have any need to apply for a loan in the short-medium term.

I would also suggest becoming a "ghost", in the sense that:

1. Use different screen names on all of the discussion sites you're active on, linked to different email accounts.

2. The houses are owned by LLC's, as are the vehicles. Utilities are under the names of other people, to whom you pay a small annual fee for allowing the use of their name (Pay all of the bills early, so there is no risk to them, or their credit ratings).

3. Cell phone #1 is a disposable prepaid, with call forwarding active that forwards to another prepaid number, which is how friends/family get in touch. When answering the phone, the caller asks for a different name than yours, and you call back.

4. Have a 3rd phone that forwards to a 4th prepaid phone that only gets turned on to retrieve voicemails. Give out this number to strangers, and use it on forms...doctor's offices, banks, government agencies, anybody who "shares or may share information with 3rd parties".

Note: The point of having 4 phones, is so that you can leave the phones that forward in another location, and add a layer to the tower pings. In layman's terms, someone tracking you by cell location will see the phones that forward, not the locations the phones forward to (where you are).
For OpSec, #2 is only on, at certain times of day, and stored similar to #4 - #4 is kept without its battery in place, in a signal blocking pouch, and used as needed.

5. Bank accounts are also under different names, non-interest bearing, so no tax impact.

6. Web access is only done via public open access (open wifi), and all online purchases are made using prepaid credit cards, with deliveries to a PO Box (under, you guessed it, another name...). It's a little trickier to set up a PO Box this way now, and places like the UPS Store have looser ID requirements, just FYI. To get around the USPS mail requirements (that all parties getting mail at the box provide ID), fill in an LLC name on the back (Joe Smith, LLC). Mail letters to the LLC, using variations on the spelling, and eventually just drop the LLC, when getting anonymous shipments.

7. Have a valid driver's license, listing the apartment of a friend as the address.

Before anyone gets the wrong idea:

I have no criminal record, at all, and no involvement with illegal activity of any kind (at least in the 'common sense' sense of the Legal code; we all break laws every day...). I am someone who takes their privacy very, very seriously. I also recognize the reality that a person's life can get turned completely upside down in an instant...by lawyers, law enforcement, the media (& God only knows who else)...so:

By setting things up this way, you have a good "buffer zone" between you, and "them".

For marketing, research how to opt-out of the DMA, Acxiom, and other companies like this; the requirements vary by company, and it's too much for me to think about, this time of day. Some are simple online submissions, others send you a packet that you fill out, and snail-mail back. It takes some effort, but it's worth it, in the long run. Your junk mail will drop down to almost nothing, and your visibility on the web will, too.

The overall point of this long-winded post is this:

ID theft happens, because Governments and Corporations are irresponsible and reckless with your information. You DO have some control over this, but it takes some effort to reclaim your power. It is worth it, I sincerely promise you that.

In reply to by are we there yet

chumbawamba Croesus Fri, 03/23/2018 - 23:30 Permalink

$51K is a small price to pay for a hard lesson learned, certainly less than the cost of manually trying to undo the damage at this point. Pay the ransom, take it out of the IT manager's salary and put in a fucking firewall.

I am Chumbawamba.

In reply to by Croesus

Buckaroo Banzai DownWithYogaPants Sat, 03/24/2018 - 14:46 Permalink

"Are blacks in America immune from criticism? Are they never responsible for their own failures? And most importantly, is black rule the end for an American city? Paul Kersey of SBPDL has an emphatic “yes” to all three in “Black Mecca Down” – a shocking, controversial, and uproarious account of the fall of Atlanta. Once dubbed “The City Too Busy To Hate,” Atlanta, GA was supposed to be the model city for the New South, a thriving metropolis that would show the old Confederacy had moved beyond race and joined the global economy. Instead, Atlanta became a black dystopia dominated by corruption, incompetence, and crime. Starting with Maynard Jackson, Atlanta's first black mayor, the greatest city in the South followed the pattern of Detroit, with basic institutions collapsing even as the cries of “racism” increased. The sequel to the bombshell “Escape From Detroit” is Kersey at his best, showing the tragic aftermath of the Civil Rights Movement in the decline of a once great city. More than that, you'll find the original reporting, remarkable anecdotes, and trademark wit that have made the author and his site a sensation."

https://www.amazon.com/Black-Mecca-Down-Collapse-City/dp/1468138545

In reply to by DownWithYogaPants

38BWD22 chumbawamba Sat, 03/24/2018 - 00:05 Permalink

I continue to be bewildered knowing that so many organizations (esp. .gov) are STILL so vulnerable to these kinds of attacks. I guess they don't have any smart IT guys working there for the city of Atlanta, else the top managers won't pay for security.

Then they get whacked for a lot more than they would have paid for a decent team of IT managers.

In reply to by chumbawamba

Croesus 38BWD22 Sat, 03/24/2018 - 01:11 Permalink

R, given your travels and life's experience, it surprises me that you haven't observed that the Government moves at a snail's pace, when it comes to making intelligent, sensible decisions, that benefit the public.

The only time I ever see a "gleam of intelligence, in Big Brother's eyes", is when they've come up with an idea that either: makes government grow, strips Peoples' Rights, or benefits the owners.

Below, I've created a chart:

"The Growth of the US Government 1789-2017", with an overlay of "The Rights of American Citizens" capturing the same time period...the chart is in quotations:

"X"

In reply to by 38BWD22

lakecity55 Croesus Sat, 03/24/2018 - 03:41 Permalink

Excellent.

In my case, I work as a squirrel. They gave me a fake ID, so I used it to create more fake IDs.

Haha.

Some of them are in a safe. They have never been used. But Mr LC can leave as Mr CL.

The house in Bangalore is needing attention. Mr Sajeev needs to head towards Bangalore.

In reply to by Croesus

Amicus Curiae Croesus Sat, 03/24/2018 - 06:49 Permalink

in Aus you can't get any phone even a throwaway 10$ one without showing licence and address ID

ditto PO boxes and the rest

if you want to see how controlling a 1st world democratic? nation is of citizens then look no further

mandatory vac for kids

and now mandatory chip n desex to own any dog in Sth Aus and coming soon elsewhere

you can't even place an ad to sell a pup w/out chip number IN the ad.

only way to manage money is to remove it from all banking which increases personal risk of theft etc

In reply to by Croesus

Croesus Amicus Curiae Sat, 03/24/2018 - 09:33 Permalink

@ Amicus:

I knew things were f-ed up in Oz, but damn, man. No way I'd "chip" a pup, or any other animal in my care.

Here in the States, we naturally have piles of our own government stupidity laying about everywhere...

Remember, "It's for safety!" (As if a bunch of fat bureaucrats would actually protect anything, other than their power & largesse).

In reply to by Amicus Curiae

marsrecords Croesus Sat, 03/24/2018 - 12:42 Permalink

Thank you Mr. Bond. Please report to Q and receive the keys to your new Maserati. That vehicle requires testing of the new particle beam offensive system. We suggest the "no-go" zones of Paris. Report on my desk Monday before afternoon tea.

Signed,

Q

In reply to by Croesus

Moving and Grooving vaporland Sat, 03/24/2018 - 10:18 Permalink

All true. But a decent risk management program will fix that and all the other dumb things IT folks do when they can get away with it. This sort of event almost always reveals that the backup systems in use are inadequate, vulnerable, or simply won't work when needed. Happens every day somewhere. Those who've been stung usually get it right afterwards, but it almost always costs the jobs of a few ITers.

In reply to by vaporland

Faeriedust Moving and Grooving Sat, 03/24/2018 - 15:38 Permalink

Oh, but these days IT isn't handled by state employees. They contract it out to large corporations like Northrop Grumman, who then subcontract it to fly-by-night people-movers who hire the cheapest labor they can get. Something goes wrong, contractor fires the subcontractor, and they did their due diligence. They hire another subcontractor who promises to fix the one thing that is determined to have caused the problem (but of course not the 27 other quality issues associated with having government computers maintained by lowest-possible-wage temps). Problem "solved" until next summer, at least. Maybe even Christmas. Government costs kept down. Corporate profits kept up. Wages kept low. Government efficiency turned into a constantly-moving nightmare where a new system breaks down as soon as each problem is "fixed", allowing libertarians to continue arguing that government is inefficient by nature. Which it certainly is NOT -- look at China fer goddsssakes. But it certainly is by design, in this country.

In reply to by Moving and Grooving

Acton27 philipat Sat, 03/24/2018 - 12:13 Permalink

This is the problem with living in Atlanta. The citizens had an opportunity to change out city government last year, and elected someone who will further the corruption and incompetence of the city government. The race was close. Keisha Lance Bottoms is a disaster and possibly will drive this major metropolitan area into further insolvency. It is too bad, but this is an opportunity to show other cities how to free themselves from the incompetent and corrupt bureaucrats that control our major cities. We have to bypass them. Cities like Sandy Springs, Alpharetta, and Johns Creek rise as the city of Atlanta proper ceases to be a major city. Its population is already down to 600,000, and the remaining 4 million residents of “Atlanta” live in cities that are mostly (outside of DeKalb County) more competent than the bureaucrats of the city of Atlanta.

In reply to by philipat

Dixie Vixen philipat Tue, 03/27/2018 - 23:29 Permalink

Atlanta is quite possibly the most corrupt City government in the nation.

Rather curious that this would happen right on the heels of an investigation into the city's complicity with the former mayor Kasim Reed's shady deals and his direct order to hold up on providing anything as a result of the Freedom of Information Act.

I began requesting documents and meeting minutes from a mayorally appointed Confederate monument and Street name review committee...

All against Confederates...

Also the day of the I-85 bridge collapse, there was a woman shot dead by a professional hitman in broad daylight in the middle of the street in the city of Atlanta..... Get this: within an hour of having picked up a packet she requested from the mayor's office via the Freedom of Information Act.

In reply to by philipat