"The Longer It Goes, The Worse It Gets" - Nearly 2 Weeks Later, Atlanta Still Reeling From Crippling Ransomware Attack

Sun, 04/01/2018 - 22:20

It has been nearly two weeks since the City of Atlanta's municipal government was hit with a crippling ransomware attack that wiped millions of government files and left the city's police and first responders relying on paper record-keeping.

So far, the city has made almost no progress in recovering its files. Police still don't have access to vital databases and investigative files. The town's auditor says the city's books have been destroyed, aside from whatever's left in the paper record. And top city officials are scrambling through a holiday weekend to piece together bits of city projects from personal computers and email addresses that weren't affected by the hack. Almost every government department was hit, though fortunately 10 of the 18 machines in the city auditor's office somehow escaped.

"Our data management teams are working diligently to restore normal operations and functionalities to these systems and hope to be back online in the very near future," said Carlos Campos, a spokesman for the Atlanta PD. Campos said that some officers have returned to filing digital reports.

City officials (with an assist from the FBI) are trying to work through the hack. But if they don't find a way to recover at least some of the corrupted files soon, officials might be forced to pay the $51,000 ransom that the hackers are demanding (the FBI typically discourages the victims of these attacks from paying the ransom).

The ransomware affecting Atlanta (a strain called SamSam) inserted cheeky messages into the corrupted files, with the corrupted documents displaying filenames like "imsorry" and "weapologize".

The city's courts and its water department have been hobbled by the hack, Reuters said.

In recent years, ransomware attacks have become far more sophisticated. Whereas they once targeted individual computers, hackers have more recently staged global attacks, like "WannaCry" and "Petya" a year ago. They've rendered hospitals incapable of accepting patients and forced first responders to operate without access to computers.

And in another worrisome sign, city officials haven't disclosed the extent to which the hackers affected the city's backed-up files. Perhaps this is why city officials have refused to comment on whether they're considering paying the ransom - though, according to Reuters, they haven't paid it yet. 

Mayor Keisha Lance Bottoms, who took office in January, has declined to say if the city paid the ransom ahead of a March 28 deadline mentioned in an extortion note whose image was released by a local television station.

Municipal governments are particularly vulnerable to ransomware attacks because their computer networks typically comprise a patchwork of different systems with varying levels of security.

Ironically, the city completed a cybersecurity audit in January, and was in the process of implementing its recommendations when the attackers struck.

Mark Weatherford, a former senior DHS cyber official, told Reuters that hackers typically walk away when the ransom isn't paid.

He added that the situation could've been resolved quickly if the city just paid the ransom.

"The longer it goes, the worse it gets," he said.

"This could turn out to be really bad if they never get their data back."

Atlanta has nearly half a million residents - but 6 million people live in the Atlanta metropolitan area.

 

FireBrander NoPension Sun, 04/01/2018 - 23:13 Permalink

City of Atlanta:

Interim Chief Information Officer:

Daphne Rackley

Female and Black! Great diversity hire! Too bad she blew it horribly:(

https://www.atlantaga.gov/government/departments/atlanta-information-ma…

~~~~~~~~~~~~~~~

Kelvin Brooks:

Chief Information Security Officer at City of Atlanta

OMG!

He lernt IT at:

University of Phoenix
Degree Name BSIT
Field Of Study Information Technology

LOL! He bought his fucking IT degree online!..and fucking idiots put him in charge of IT Security for the entire city!

https://www.linkedin.com/in/kelvinbrooksatl/

a Smudge by an… FireBrander Sun, 04/01/2018 - 23:28 Permalink

Bill Gates would like everyone in the freaking world to know that he accepts 0 responsibility for his shitty software.

(edited for pure rant purposes)

In what other industry do you get to do this? Microsoft products are the equivalent of selling cars that are guaranteed to catch on fire. Oh wait that's Tesla. Ok but in what other industry do you get to basically negligently expose the user data for years on end and....wait that's Google and Yahoo and Amazon and facebook and Wells Fargo and....OK but in what other industry do you get to basically get paid for failure time and again...crap that's the entire banking industry...yeah but uh...

Know something? This rant just isn't going where I wanted it to. I give up.

a Smudge by an… yarpos Mon, 04/02/2018 - 00:42 Permalink

It's not like us linux users are immune to this sort of thing. I'm not as smug as we were even 5 years ago. 20 years ago we were known for our arrogant and superior attitudes.

However with so many different flavors of linux out there, some of which are pretty different in terms of what software using what tech that it would be a real pain in the ass to write attacks for all of us. Which is really all the security anyone can ever have: just make yourself one bit more of a pain in the ass to exploit than the other guy.

Now here's Microsoft with a MISERABLE track record of trying to re-engineer problems we solved in 1972 and now they have this atrocious requirement to make everything retro-compatible. Because starting fresh with something that doesn't suck is admitting that everything they ever wrote sucks. So these pernicious holes just won't die. It's like living in a haunted house. There's all these ghosts and spooks jumping out of closets again and again like Disneyland on acid.

Over the years I've heard things from Microslave refugees that are just so bitterly stupid that it made me laugh and cry at the same time. Their dev process was in fact written largely in Perl (yup you heard that, Perl) and then they went through this grotesque process of porting it into Visbasic and C++ in a profoundly inept attempt to make it proprietary. They did the same to SQL, they tried to do the same thing to the freaking HTML spec, they even tried to take over not only the name but the foundational basis for DNS itself. Now there's "Windows domains" and there's THE REST OF THE WORLD'S DOMAINS. And how about their wedded wife, Intel? Nice little thing in the security news on them lately eh? Numerous examples, too many to list. Truly, everything they touch turns to shit.

AMD has been running Linux for what feels like generations. We're still best in class. Just feels strange to say that now that I'm old and fat. Tragically un-hip.

NoDebt Sun, 04/01/2018 - 22:27 Permalink

"Our data management teams are working diligently to restore normal operations and functionalities to these systems and hope to be back online in the very near future"

Meanwhile, every one of those fuckers is grabbing their "bug out bag" and getting the hell outta dodge.

When the SHTF this is what it will look like.  All that complex electronic bullshit will just... stop working.  And shortly thereafter you'll learn what real anarchy looks like.  

'Preppers' are NOT crazy, they just look that way while everything still works.  They are the most sane, rational people on the planet.

 

izzee Sun, 04/01/2018 - 22:41 Permalink

" officials might be forced to pay the $51,000 ransom "

They're too cheap to pay 51grand????? 

The city lost that in the first hour.

Oh because of the "principle of the thing"/??????  The Rule of Law?

And the FBI tells them "it's the Right Thing to do"  The FBI?

 