Atlanta restoration of ransomware attacks
Cybersecurity expert Morgan Wright discusses the ransomware cyber attack in Atlanta and how cities can protect themselves.
AMERICAN cities, states, and companies increasingly are at risk for cyber-attacks and transgressions in which so-called ransomware, which place them at the mercy of hackers demanding money.
Recent examples have taken place in computer networks, where the cities of Atlanta, Baltimore, Denver, and the activities of the Boeing.
Atlanta’s computer systems were hit with a ransomware attack March 22, lock, important city data behind an encrypted wall that can only be unlocked if the city is to pay the hackers $51,000 in the form of Bitcoin cryptocurrency.
The ransom note left by the hackers said that the refuse to pay the figure of a deadline this week would lead to the wiping of the information.
It was unclear late Wednesday if the city had paid off the hackers, with Atlanta Mayor Keisha Lance Bottoms cannot be excluded that in such an action.
The hackers were believed to be a well-known group that makes use of the so-called “SamSam” ransomware against targets that are weak security and would be willing to pay to have the control back. The group has collected nearly $850,000 since 2017, according to the CSO. The city of Leeds, Ala., paid the hackers $12,000 in the last month before the release of the recorded data.
The city of Atlanta continued to work after the attack, but some services are suspended and others are slow as they had to be done manually. City officials said that an investigation into the attack was completed and they were working around the clock to restore the systems.
It took more than six days to recover, only certain parts of the information. The city employees were told Tuesday to turn on their computers for the first time since the hack, although some will still have problems in connection with the attack.
911 switch-off in Baltimore
“We were able to successfully isolate the threat and to ensure that no harm was done to other servers or systems on the city network.”
– Chief information officer Frank Johnson
But Atlanta is not only bombarded with cyber attacks. Baltimore officials admitted Wednesday that a ransomware attacks aimed at the city’s 911 dispatch system in the weekend, leading to a 17-hour shutdown of the emergency dispatching system.
Frank Johnson, chief information officer in the Mayor’s Office of Information Technology, confirmed that the failure was caused by “ransomware perpetrators.” The hackers managed to breach the city’s network after an “internal modification of the firewall” made by a technician, who was working on another problem related to the automated dispatch system.
“We were able to successfully isolate the threat and to ensure that no harm was done to other servers or systems in the city network,” Johnson said, describing the incident as a “limited breach.”
Baltimore officials said they were not aware of any ransom demands made by the hackers responsible for the attack.
Alarm at Boeing
The world’s largest aerospace company, Boeing, was the target of a cyber attack Wednesday, via the infamous WannaCry ransomware — the same tool that crippled the healthcare system in Britain last year, the Seattle Times reported.
News of the Boeing attack was answered with a wide alarm, with the officials believe the hackers may have brought of the production equipment. But Boeing insisted on a rest, saying, the cyber attack violated only a few machines.
“We have done a final assessment,” Linda Mills, head of communications of Boeing Commercial Airplanes, told the publication. “The vulnerability was limited to a few machines. We deployed software patches. There was no interruption of the 777 jet program or one of our programs.”
Denver is also a hit
A suspicious outage also happened in Denver, where major websites, such as denvergov.org and pocketgov.org and online services stopped working in the afternoon. Numerous government computers and phone systems, including the text-to-911 system, were down, the Denverite reported.
Some city staff, allegedly not have access to e-mail, and other digital systems. Officials said they believe that the closure was caused by a software bug.
But the alleged software problem in Denver comes just weeks after the Colorado Department of Transportation (CDOT) was targeted twice in the space of seven days last month – with “SamSam” ransomware, paralyzing the ministry of 2,000 people and demanding Bitcoins in exchange for the return of the information, Denver7 reported.
David McCurdy, chief technology officer, said the department had “no intention of paying ransomware.” The damage to CDOT the computer systems was reportedly limited.
The Associated Press contributed to this report.
Lukas Mikelionis is a reporter for FoxNews.com. Follow him on Twitter @LukasMikelionis.