At a public meeting on Wednesday, a city official proposed that an additional US$9.5million is needed towards Atlanta’s cyber attack recovery costs.

More than two months ago, Atlanta’s connected systems city-wide were hit with a ransomware message which locked the city’s files and demanded a payment of US$51,000 in bitcoin in order to get access to the files, which didn’t get paid.

The attack led to more than 424 of the city’s software programmes being disabled or thrown offline, with 30% of the applications considered “mission critical”, affecting law and police enforcement including dashcam footage.

Technical infrastructure

The city took weeks to regain control of its technical infrastructure, affecting citizens and the city in a number of different ways.

Following this, Daphne Rackley, Atlanta’s Interim Chief Information Officer and Head of Atlanta Information Management, estimated that US$9.5million would need to be added to the department’s US$35million budget in order to fix the damage.

Now, police officers have managed to gain access to their electric file reports and some databases used for investigations, as well as their 311 system which operates the reporting of potholes and litter picking.

Nevertheless, the law enforcement is still not able to use some of its databases, and the city’s water department is unable to take any form of payments.

‘Tremendous damage to the city’

Ilia Kolochenko, CEO of High-Tech Bridge, commented: “In light of the shocking facts around the incident that virtually paralysed the entire city, I think that the true problem is not ransomware. The problem is unreliable, overcomplicated and insecure-by-design IT architecture.

“Segregation of duties, data and network access control, proper segmentation, daily backup, desktop hardening, anomaly detection – are de facto a must-have in any modern company or governmental entity. Apparently, none were in place.

“The ransomware is likely driven by a trivial itch for gain, but what would the outcome be if the attackers were a nation-state group? They can cause tremendous damage to the city, its infrastructure and citizens. I think IT companies responsible for maintenance of Atlanta critical IT infrastructure can be liable for negligence. Someone should be accountable for this.”

According to the FBI, schools and hospitals also have to be extra cautious of ransomware attacks because there has been a huge rise in public services being attacked within the last three years.

Written by Leah Alger