The Mayor of Atlanta, Georgia has confirmed today in a press conference that several local government systems are currently down due to a ransomware infection.
City officials said the ransomware infection took root earlier today, at around 5:40 AM, local time.
Some systems down but crucials services still up and running
Richard Cox, the City of Atlanta's new Chief Operations Officer, said the infection affected several internal and customer-facing applications, such as the online systems that residents used to pay city bills or access court documents.
Cox, who is in his first week on the job, said that the infection did not affect the critical infrastructure such as the city's water services, the local airport, and the public safety system.
Cox and his team are working with the FBI and DHS agents, but also with incident response teams from Cisco and Microsoft. Investigators are still assessing the damage and validating the infection's impact on city systems.
City hasn't decided if it will pay the ransom
Mayor Keisha Lance Bottoms expects city departments to open tomorrow, but operate without IT support.
Asked if the city plans to pay the ransom note, Mayor Bottoms said "We can't speak to that right now. We will be looking for guidance from specifically our federal partners."
Not all IT infrastructure were affected because the city was in the process of moving some systems to cloud services, and those were not affected.
According to 11Alive, a local TV station, the infection was caused by the SamSam ransomware, a strain that's been very active at the start of this year, and had previously also infected the Colorado Department of Transportation. The TV station reported that attackers are asking for a ransom of $6,800 per PC, or $51,000 for the entire network.
Mayor @KeishaBottoms holds a press conference regarding the security breach. https://t.co/h1WlcyUc6x
— City of Atlanta, GA (@Cityofatlanta) March 22, 2018
UPDATE [March 23]: Atlanta city officials held a second press conference. Mayor Bottoms said they haven't decided if they will pay the ransom demand or not.
Mayor @keishabottoms holds a press conference to provide updated information on the ransomware cyberattack. https://t.co/JRBdD4lUUu
— City of Atlanta, GA (@Cityofatlanta) March 23, 2018
Comments
Randall 7 - 6 years ago
I'm confused here. Are ya telling me the City of Atlanta aren't doing backups?