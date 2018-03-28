Atlanta, Hit by Ransomware Attack, Also Fell Victim To Leaked NSA Exploits (zdnet.com) 9
Zack Whittaker, reporting for ZDNet: It's been almost a week since the City of Atlanta was hit by a ransomware attack, which encrypted city data and led to the shutdown of some services. Mayor Keisha Lance Bottoms said in a press conference Monday that the city's government is working on recovering the network after ransom notes appeared on computer displays on Thursday afternoon. The city has hired local cybersecurity firm SecureWorks to assess the situation. Reports say the notorious SamSam ransomware was used in the Atlanta attack, which exploits a deserialization vulnerability in Java-based servers.
[...] But according to one security firm, last week's cyberattack was not a surprise because the city had fallen victim to leaked government exploits used in the WannaCry outbreak. New data provided by Augusta, Ga.-based cybersecurity firm Rendition Infosec, seen by ZDNet, shows that the city's network was silently infected last year with leaked exploits developed by the National Security Agency. The cybersecurity firm's founder Jake Williams said at least five internet-facing city servers were infected with the NSA-developed DoublePulsar backdoor in late April to early May 2017. That was more than a month after Microsoft released critical patches for the exploits and urged users to install.
[...] But according to one security firm, last week's cyberattack was not a surprise because the city had fallen victim to leaked government exploits used in the WannaCry outbreak. New data provided by Augusta, Ga.-based cybersecurity firm Rendition Infosec, seen by ZDNet, shows that the city's network was silently infected last year with leaked exploits developed by the National Security Agency. The cybersecurity firm's founder Jake Williams said at least five internet-facing city servers were infected with the NSA-developed DoublePulsar backdoor in late April to early May 2017. That was more than a month after Microsoft released critical patches for the exploits and urged users to install.
GG NSA (Score:2)
So while the NSA also failed to keep citizens safe it now is shown to have directly contributed to an attack on its own government.
Well done!
One Billion dollars. . . . (Score:2)
. . . or we re-name all the streets "Peachttree". . .
Oops, too late. . . (grin)
This is what I hear (Score:2)
The government didn’t want to invest into a modern/proper IT infrastructure.
I am sure such changes were brought up, but was probably rejected due to not solving an immediate problem at hand, or gone with the lowest cost budget because they didn’t want to hear the tech talk.
Atlanta resident (Score:1)
As a longtime resident of Atlanta (almost 30 years), I can say the incompetence and corruption of the Atlanta city government is well known around here. The higher up people are mostly political cronies who have no idea what they're doing.
Not to impugn the character of the rank-and-file IT workers. No doubt they're doing the best they can with what little the city gives them to work with. If an investigation were launched -- and it never will be -- I have little doubt it would find IT has been screaming