- A ransomware attack on the city of Atlanta’s government created outages for many consumer-facing and internal applications, putting “everyone who has done business” with the city at risk, according to a report from NBC’s Atlanta affiliate WXIA.
- The hackers are demanding a bitcoin payment of $6,800 to unlock each computer, or $51,000 for a system-wide fix.
- Mayor Keisha Bottoms held a press conference to say that, though the extent of the breach is questionable, the FBI, Homeland Security, Cisco, and Microsoft are all involved with the investigation to help get to the bottom of it.
A ransomware attack on the city of Atlanta’s government on Thursday morning led to outages of a number of internal and customer-facing applications, as reported by 11Alive.
Senior officials have advised both businesses and consumers to monitor their bank accounts, saying anyone who has conducted business with the city is at risk.
The City of Atlanta is currently experiencing outages on various customer facing applications, including some that customers may use to pay bills or access court-related information. We will post any updates as we receive them. pic.twitter.com/kc51rojhBl
— City of Atlanta, GA (@CityofAtlanta) March 22, 2018
Internally, the systems affected include the city’s payroll application, according to an internal email from the city’s information technology department that was shared with Atlanta’s NBC affiliate WXIA. The email instructed employees to unplug their computers if anything seemed suspicious.
In a ransomware attack, hackers place malware on a computer - or system of computers - that restricts access, and then demand payment to undo it. Petya in 2016 and WannaCry in 2017 were both examples of ransomware that happened at a global scale.
The hacker of the Atlanta attack is reportedly demanding a bitcoin payment of $6,800 to unlock each computer, or $51,000 for the keys to fix the whole system, according to a message sent to a city employee who shared it with WXIA.
Paying the ransom doesn't necessarily mean the keys that the hackers give IT will fix the issue, in which case Atlanta would be forced to rebuild its systems.
Mayor Keisha Bottoms held a press conference later that day, in which she admitted that officials weren't sure of the extent of the attack at the time, but ensured that they were doing what they could to address it.
"My senior team essentially is here, so this should give you an idea of the importance of today's press conference," she said.
Bottoms also said that Atlanta's information management team is meeting with the FBI and Homeland security, and that both Cisco and Microsoft are also involved in the investigation.
Atlanta's COO Richard Cox ensured the public that city payroll, public safety, water and airport operations departments have not been affected, and Bottoms ensured has.
The 16-minute press conference was shared to Twitter:
Mayor @KeishaBottoms holds a press conference regarding the security breach. https://t.co/h1WlcyUc6x
— City of Atlanta, GA (@CityofAtlanta) March 22, 2018
Coincidentally, a number of sites used to pay for MARTA - Atlanta's public transportation system - experienced outages, but a spokesperson informed 11Alive that those were unrelated.
MARTA is currently experiencing a technical outage impacting MARTA Bid, Breeze Card, Reduced Fare and the MARTA On-the-Go sites. This issue is currently being troubleshot by MARTA IT. We do apologize for any inconvenience caused.
— MARTA Service (@MARTAservice) March 22, 2018