Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Security Government Software The Internet United States

Atlanta City Government Systems Down Due To Ransomware Attack (arstechnica.com) 69

An anonymous reader quotes a report from Ars Technica: The city of Atlanta government has apparently become the victim of a ransomware attack. The city's official Twitter account announced that the city government "is currently experiencing outages on various customer facing applications, including some that customers may use to pay bills or access court-related information." According to a report from Atlanta NBC affiliate WXIA, a city employee sent the station a screen shot of a ransomware message demanding a payment of $6,800 to unlock each computer or $51,000 to provide all the keys for affected systems. Employees received emails from the city's information technology department instructing them to unplug their computers if they noticed anything suspicious. An internal email shared with WXIA said that the internal systems affected include the city's payroll application. "At this time, our Atlanta Information Management team is working diligently with support from Microsoft to resolve the issue," a city spokesperson told Ars. "We are confident that our team of technology professionals will be able to restore applications soon." The city's primary website remains online, and the city government will continue to post updates there, the spokesperson added.
This discussion has been archived. No new comments can be posted.

Atlanta City Government Systems Down Due To Ransomware Attack

Comments Filter:
  • by Anonymous Coward on Thursday March 22, 2018 @05:07PM (#56308183)

    Misconfigured group policy and AD privileges leading to one infectee having the ability to encrypt everyone on the network. What are the odds they even have backups for these systems?

    • by Anonymous Coward
      Backups? Sounds expensive. We don't have money in the budget for that.
      • More like: we don't need that, our $750,000 isilons have everything replicated.

        Followed by: we don't see the need for backup storage within our organization, we built 5 systems in the last few years and nobody uses it.

        • by Archangel Michael ( 180766 ) on Thursday March 22, 2018 @05:32PM (#56308407) Journal

          The pain point for ransomware is low enough that enough people pay it rather than restore from backup and/or try to recover via other means (including re-imaging).

          And if you haven't had a full restore test of all critical systems, then you're already playing with fire. Nobody Ain't Got Time For That (tm) is the normal response.

          I have a saying ... "Good IT is expensive. Bad IT is costly"*. If they lose more than a day's productivity on their compromised systems, they need to just pay the ransom, and learn the expensive lesson.

          *This may or may not be the fault of IT. I've been in IT long enough to see IT make recommendations that are denied because "they are expensive" and I've seen bad IT. I always use risk / reward when outlining IT infrastructure costs. Sometimes the calculus is "if bad shit happens, we'll eat it".

      • Or, "We don't need backups--we have RAID 1."

  • Can you do the same for the state of California? kthxbye
    • by Anonymous Coward

      Can you do the same for the state of California? kthxbye

      yes because you just love to see destruction, loss and death, it's the only thing left that gives you a boner

  • 9 outta 10 a user caused this after opening something they should've.
  • by SuperKendall ( 25149 ) on Thursday March 22, 2018 @05:42PM (#56308477)

    We all know this means they are running Windows.

    How many more critical systems have to fall victim to this malware/ransomware bullshit before Windows systems are banned for use in anything critical? Even just the greater likelyhood of that happening to Windows systems should render them unacceptable to use.

    In a lot of ways, this complete system shutdown is much worse for everyone than a database being stolen which is the worst case for UNIX backends.

    • How many more critical systems have to fall victim to this malware/ransomware bullshit before Windows systems are banned for use in anything critical?

      How many more times will this happen before I.S./I.T. directors are deemed criminally negligent for this easily preventable and predictable problem? C'mon, putting important stuff on Windows??! How many whacks with the Cluestick are necessary before these people see the blindingly obvious?

    • by HiThere ( 15173 )

      While that's probably correct, the process of deduction is faulty. I'd say that the basic problem is, at a guess, running Javascript. Given that most systems have some hole you can wriggle through.

    • We all know this means they are running Windows.

      How many more critical systems have to fall victim to this malware/ransomware bullshit before Windows systems are banned for use in anything critical? Even just the greater likelyhood of that happening to Windows systems should render them unacceptable to use.

      In a lot of ways, this complete system shutdown is much worse for everyone than a database being stolen which is the worst case for UNIX backends.

      It's not really a system problem, but a people one. No matter what system you put in people will still open emails, despite constant reminders and training not to, and infect systems. If Windows went away magically tomorrow the criminals would just target what took over. It's even better if people think the new OS isn't vulnerable because that means they'll avoid taking precautions.

    • by fat_mike ( 71855 )
      What is your point? The majority of these Ransomware hits are end users that aren't educated correctly. PEBKAC. If *nix became the majority of the Desktop's used in a business environment then the Ransomware people would just go after every exploit they can find in those. It isn't about the OS, it's about the business educating their employees correctly. Criminals don't care about the way to exploit something for criminal gain, they care about the criminal gain.
  • ... "Oh, let's pretend I click on this link ... what will happen next and what will happen after that? The endgame is ransomware? FLAG ON THE PLAY, CALL IT!"

  • "At this time, our Atlanta Information Management team is working diligently with support from Microsoft to resolve the issue .. We are confident that our team of technology professionals will be able to restore applications soon."

    haaaaaAAAAAAAARRRRR!!!
  • It's a feature of Windows, not a bug.

  • That they're still running Windows XP. Or that they haven't installed patches, nor trained their users. And yeah - I pretty much guarantee it's all a Microsoft shop which means even their servers likely got hit.

No problem is so large it can't be fit in somewhere.

Working...