On March 22, 2018 the city of Atlanta was hit with a ransomware attack. It is believed that a server was left vulnerable and the infection began there. Luckily critical infrastructures, such as the airport, water and public safety, were not affected. The ransomware spread to desktop computers through out the city’s network. The cyber criminals held the computers for ransom and demanded 6 Bitcoin. As of now the ransom has not been paid. (A similar attack hit the Colorado Department of Transportation last month and they refused to pay.)
Acoording to Forbes, the “malawre’s impat is still being assessed. City of Atlanta IT staff are working with investigators from the FBI, Department of Homeland Security, Microsoft and Cisco to determine what data has been encrypted.” Mayor Keisha Lance Bottoms warned that any individuals or businesses that conduct business with the city were at risk and should monitor their accounts, including bank accounts, closely during this time.
The ransom notes are similar to ones left from the SAMSAM ransomware family, which usually targets the government, control sectors, or healthcare. Ransomware is a software that basically locks down users from accessing their system until a ransom is paid. More and more are requesting payout in the form of crypto-currency. In this day and age, ransomware is becoming a more common headline theme. Stay protected! check out Fibernet’s services here.