As of Monday morning Atlanta had still not fully regained control of their systems, a week and a half after experiencing a targeted cyber attack. Mayor Keisha Bottoms has described the ransomware attack as a “hostage situation”. With a large part of the network affected, a number of important systems and digital records remain inaccessible.
Many employees found themselves switching back to “pen and paper” forms, or having to share a single machine across a number of staff members in order to get business done. There has been no word yet on whether the City has paid the demanded $51,000 in bitcoin ransom for restored access to encrypted files.
Cities provide an attractive target for hackers, as their networks often resemble more distributed environments with a range of systems that challenge them to maintain a combination of both old and new technologies. They often have fewer security resources in terms of both budget and staff, and the trend of adopting new “smart” technologies also threatens to complicate matters.
What makes stories like Atlanta’s all the more worrisome is that many other cities fit this profile and likely remain vulnerable. Updating security patches immediately to address known vulnerabilities is critical to fending off attacks. But once infected by ransomware, there is only one foolproof method of recovering data without paying a ransom – a recent backup.