Atlanta is still recovering more than a week after hackers struck the city’s government with a crippling ransomware attack, locking some city workers out of important databases.
Ransomware is a type of malicious cyberattack that encrypts or corrupts a victim’s data. As its name implies, hackers use ransomware to extort money, threatening to delete files or publish sensitive information if a ransom isn’t paid to the cyber criminals.
According to the New York Times, security experts working with Atlanta during the city’s recent tech crisis identified the perpetrators as the SamSam hacking group that’s targeted a host of victims in the past, including hospitals. Local governments and health services may be more susceptible to these sorts of attacks due to aging or antiquated tech infrastructure.
Chicago-based Boeing was hit by a type of ransomware called WannaCry last week, although the aircraft carrier downplayed its impact.
In order for Atlanta to gain access to its computer systems again, the cyber criminals demanded $51,000 in the form of Bitcoin by March 28. The cryptocurrency is a popular form of ransom payment for these types of attacks because of its untraceable nature.
Atlanta Mayor Keisha Lance Bottoms hasn’t said whether the city ceded to the demand, although Councilman Howard Shook, chair of Atlanta City Council’s Finance Committee, indicated it doesn’t appear a ransom has been paid, according to a CNBC article published Monday.
For victims of such attacks, whether or not to pay a ransom is the big question.
According to a report on ransomware by IBM, 40 percent of all spam emails contain some form of ransomware and 70 percent of infected businesses ended up paying the ransom in 2016.
Web developer Derek Eder, who founded the civic data company DataMade and organizes the weekly tech event Chi Hack Night, provided Chicago Tonight with four tips for protection against cyberattacks such as ransomware:
- Use a password manager: Using the same password for everything makes it easy to break into everything. Use a password manager to create a strong, unique password for every account you create.
- Run regular software updates: Make sure to install security updates regularly on your computer and smartphone.
- Beware of phishing emails: Be careful when you get unsolicited emails asking you to log in or update your account information or take some urgent action. These are very likely phishing attacks meant to steal your login information.
- Be careful on free Wi-Fi networks: Don't log into important sites when using free coffee shop, hotel or airport Wi-Fi. Those networks can be insecure.
Read additional cybersecurity tips from Eder here.
Five days after the cyberattack hit Atlanta, the city directed employees to turn on their computers for the first time, acknowledging that some systems may still be compromised.
Slowly but surely, resident services like pothole and recycling reporting via Atlanta’s 311 website have restored, although some remain offline.
Chicago officials have not responded to Chicago Tonight questions regarding what, if any, protections the city has against ransomware and whether it has dealt with cyberattacks in the past.
Eder joins us in discussion.
Follow Evan Garcia on Twitter: @EvanRGarcia