Update, 4/2/2018: The City of Atlanta continues to struggle getting their systems back online. Since turning on computers last week, they have found a plethora of data that has been left inaccessible. The city has not paid the $51,000 ransom demand, and remains uncertain if they will be able to recover the remaining data that has been left encrypted.
Update, 3/29/2018: The City of Atlanta has released a new information hub webpage, which is available to the public. The purpose is to provide one place for everyone to ask questions, see the press releases, and get the latest information on the ransomware attack that has crippled the city’s systems. At this time, city offices are still “working around the clock” to get the ransomware removed and the files recovered. At this time, there has been no evidence of misuse of personal information. Although, the city is encouraging residents to act proactively and keep an eye on their personal accounts for any changes. Also, it remains unclear when the systems infected with ransomware will be restored. City officials have stated,
“It would be inappropriate to speculate on when this matter will be fixed, but we are committed to resolution. “
Update, 3/27/018: For the first time since March 22, 2018, the City of Atlanta is turning on their computers, servers and printers to gauge the impact of the SamSam ransomware infection. The city’s offices have remained open during the remediation process; however, multiple services have been impaired. As of today, city employees have access to their email accounts, as well as other programs needed for job duties. Although the programs are available, the only employees who are able to access them are those who have uninfected computers. It remains unclear how long the remediation process will take, or if the city will end up paying the $51,000 ransom demand.
City of Atlanta Struggling Post-Ransomware Infection
Officials have confirmed, the City of Atlanta’s systems are suffering from outages after ransomware infected their networks. It is believed the City of Atlanta’s systems were infected with the same ransomware variant, SamSam, that took down Colorado’s Department of Transportation earlier this month. At this time, multiple areas of the network, both internal and consumer-facing are offline. Some of which, interfere with an individual’s ability to pay for services online, as well as access the city’s transportation system, MARTA. However, Atlanta’s international airport, city website atlantaga.gov, and emergency systems appear to be running as usual.
The current ransom demands are at $51,000. City officials have reported the IT team is working with Microsoft to resolve the issue. It remains unclear how long systems will be offline, or if the city will end up paying the ransom demand.
Other Ransomware Attacks
For a list of ransomware attacks that have already taken place in 2018, you may click here. We have also created a map, see below, of the ransomware attacks that have taken place in the U.S.