Atlanta’s municipal government suffered a widespread ransomware attack on its computer system last week, and the city is still struggling to deal with it.
On Tuesday, city employees were allowed to turn their computers back on, but a number of services were still affected by the attack. As the New York Times reports, “residents still could not pay their traffic tickets or water bills online, or report potholes or graffiti on a city website. Travelers at the world’s busiest airport still could not use the free Wi-Fi.” The city has also stopped taking employment applications, and its court has been unable to validate warrants.
The hackers, identified as the SamSam hacking crew, have requested a ransom of about $51,000. “We are dealing with a hostage situation,” Atlanta Mayor Keisha Lance Bottoms said earlier this week.
The Times describes SamSam as “a group that locks up its victims’ files with encryption, temporarily changes their file names to ‘I’m sorry’ and gives the victims a week to pay up before the files are made permanently inaccessible.”
It hasn’t been said whether or not the city will actually pay the ransom. The Times reports that “in most cases,” SamSam’s victims claim it’s easier to pay the ransom, when considering the lost time and costs of victims attempting to restore these systems on their own.
The group often targets institutions with money that can’t afford to go offline for extended periods of time. SamSam is likely most known for targeting hospitals — or at least it was until this recent ransomware attack.
It’s still unclear how the incident in Atlanta will be ultimately resolved, but hackers going after targets like local governments and hospitals is a troubling trend. At the very least, these attacks make life less convenient for large groups of people, at worst, such attacks are recipes for chaos. It doesn’t take much to envision the issues that may arise from hospitals becoming suddenly unable to access all of its patient records, for instance. This is why the ransom is paid so often.
But paying ransom — or not paying ransom — does nothing to guard against future attacks.