Skip to main content
close search
site logo
Dive Brief

Atlanta still struggling to get out from ransomware attack's grip

Published April 3, 2018
Samantha Schwartz's headshot
Samantha Schwartz Reporter
Evilarry at English Wikipedia(Original text: David Selby) [Public domain], from Wikimedia Commons

Dive Brief:

  • Almost two weeks out from a citywide ransomware attack, Atlanta is still struggling to get back control of its technical infrastructure. Councilman Howard Shook's office lost about 16 years of digital records, reports Reuters. As of right now city officials believe data is just encrypted and not in the possession of the hackers behind the attack, but they cannot confirm it.

  • City council employees continue to recreate audit spreadsheets and even share "a single clunky personal laptop," according to the report. Files on a separate city computer appeared marred by the attack with file names tweaked to include "weapologize" and "imsorry."

  • Monday night Atlanta's Hartsfield-Jackson International Airport had its Wi-Fi restored, reports Fox 5. The system was taken offline on March 22 when the rest of the city suffered the ransomware attack. Officials do not believe safety was compromised, but officials took the Wi-Fi and flight information down as a "precaution."

Dive Insight:

The cyberattack hit the city on March 22 and effectively forced Atlanta to perform a technical overhaul, according to Mayor Keisha Lance Bottoms. The city is beginning its mending process with recovering its servers to be fully operational. 

The third party security firm aiding Atlanta in its recovery believes the attackers belong to the SamSam hacking group, a well-known ransomware squad. The hackers behind the group are known for their "clever, high-yield approaches," according to a Wired investigation of the group.

The group capitalizes on existing vulnerabilities or guesses a victim's passwords in their "public-facing systems" to access control of the network.

Local governments, hospitals and universities are typical targets of the SamSam group, according to Wired. This is due to the "manageable" price points for its victims and their willingness to pay. In Atlanta's case, the ransom demand was about $50,000.

The cyberattack on Atlanta has highlighted the hacking group's ability to withstand remediation efforts. Atlanta's attack brought on help from the private sector, including Cisco and Microsoft, to help recover more quickly. 

Recommended Reading

Filed Under: Security

Editors' picks

Company Announcements

View all | Post a press release
Celonis Business Collaboration Networks Drive Process Improvement Across Company Boundaries
From Celonis
October 23, 2024
Traceable Releases 2025 State of API Security Report: API Breaches Persist as Fraud, Bot Attac…
From Traceable AI
October 30, 2024
Celonis AgentC: Making AI Agents Work for the Enterprise with Process Intelligence
From Celonis
October 23, 2024
Tech Ambitions Collide with Reality: 2025 Technology Impact Report Exposes Critical Readiness…
From Omnia Strategy Group, LLC
October 21, 2024
Editors' picks
Latest in Security
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell