ransomware (posteriori/Shutterstock.com)

Atlanta still hobbled by ransomware attack

Four days after the announcement of a ransomware attack on Atlanta's city network on March 22, officials are still struggling to bring citizen-facing websites and internal application back online.

In a March 23 announcement, the city provided an update on efforts to resolve the ransomware cyberattack and outlined precautionary measures employees and customers should take while the city restores service.

Because the attack seems to have affected applications residents use to pay bills or do business with the city, officials initially advised employees and those who do business with the city to check their bank accounts to ensure their financial data had not been compromised.

On Monday, the city reiterated that that warning in a tweet. "At this time, there is no evidence to show that customer or employee data has been compromised. However, customers and employees are encouraged to take precautionary measures to monitor and protect their personal information."

Agencies across the city have been affected, according to a press statement. Among the departmental functions still suspended are:

  • Human resources. No New employment applications are being accepted
  • ATL311. Although the ATL311 website has been disabled, residents can access 311 services over the phone.
  • Procurement. Contracts will continue to be processed as the department works on gaining access to internal systems to issue purchase orders.
  • Municipal court. Currently, the court cannot process ticket payments (online or in person) or validate warrants originated from the court.
  • Corrections. The department is processing inmates manually.
  • Parks and Recreation. Permits and event applications are being reviewed manually
  • Airport. Free public Wi-Fi has been disabled at Hartsfield-Jackson Atlanta International Airport out of an abundance of caution.

In an interview with WSB-TV Atlanta, Mayor Keisha Bottoms said the city is making progress, but the issue is not resolved.  More details have not been forthcoming.

Some have criticized the city's reticence. Andy Green, a lecturer of information and security at Kennesaw State University, told Atlanta NBC affiliate WXIA that the city's silence is concerning. "We don't know if they're actively fighting the infection, we don't know whether they're into recovery mode," Green said.

The ransomware message demanded a bitcoin payment of approximately $51,000 to unlock all affected systems, the equivalent of $6,800 per computer to unlock individual machines.

About the Author

Susan Miller is executive editor at GCN.

Over a career spent in tech media, Miller has worked in editorial, print production and online, starting on the copy desk at IDG’s ComputerWorld, moving to print production for Federal Computer Week and later helping launch websites and email newsletter delivery for FCW. After a turn at Virginia’s Center for Innovative Technology, where she worked to promote technology-based economic development, she rejoined what was to become 1105 Media in 2004, eventually managing content and production for all the company's government-focused websites. Miller shifted back to editorial in 2012, when she began working with GCN.

Miller has a BA from West Chester University and an MA in English from the University of Delaware.

Connect with Susan at smiller@gcn.com or @sjaymiller.

inside gcn

  • cloud services (jijomathaidesigners/Shutterstock.com)

    AWS GovCloud gets more enterprise services

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group