Slashdot Mirror
Atlanta City Government Systems Down Due To Ransomware Attack (arstechnica.com)
An anonymous reader quotes a report from Ars Technica: The city of Atlanta government has apparently become the victim of a ransomware attack. The city's official Twitter account announced that the city government "is currently experiencing outages on various customer facing applications, including some that customers may use to pay bills or access court-related information." According to a report from Atlanta NBC affiliate WXIA, a city employee sent the station a screen shot of a ransomware message demanding a payment of $6,800 to unlock each computer or $51,000 to provide all the keys for affected systems. Employees received emails from the city's information technology department instructing them to unplug their computers if they noticed anything suspicious. An internal email shared with WXIA said that the internal systems affected include the city's payroll application. "At this time, our Atlanta Information Management team is working diligently with support from Microsoft to resolve the issue," a city spokesperson told Ars. "We are confident that our team of technology professionals will be able to restore applications soon." The city's primary website remains online, and the city government will continue to post updates there, the spokesperson added.
I'm pretty Microsoft will charge more AND some data will be lost on many many computers. I don't think they have full disk backup on every computer, plus all the time wasted before everything is back online.
Misconfigured group policy and AD privileges leading to one infectee having the ability to encrypt everyone on the network. What are the odds they even have backups for these systems?
WTF.
They might not even decrypt anyway.
Just restore from your excellent backups. Everybody loses a day of productivity, and the courts should have paper records anyway.
You are being ripped off every second of every day, so that advertisers can help rip you off even more tomorrow.
We all know this means they are running Windows.
How many more critical systems have to fall victim to this malware/ransomware bullshit before Windows systems are banned for use in anything critical? Even just the greater likelyhood of that happening to Windows systems should render them unacceptable to use.
In a lot of ways, this complete system shutdown is much worse for everyone than a database being stolen which is the worst case for UNIX backends.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
There are two answers to this question.
1) Nobody. Everything was done by committee, so there is no one person to blame, and no one person to take the fall. This is very common in Public Sector domains, there is nobody TO fire, because no one person is responible for anything. The people at the top are insulated from their boneheaded decisions as the push the blame down the chain. Those down the chain are all in committees that decide everything.
2) The guy at the Bottom, who was only doing what he was told and allowed to do, but nobody likes. He'll get reassigned to another department because they can't really fire him(her), because the process to fire someone is so bad that nobody actually goes through the whole process ever.
That's why nobody is getting fired.
Agent K: A *person* is smart. People are dumb, stupid, panicky animals, and you know it.
Well if you're doing it right you just have their My Documents or Documents folder pointed at a file server. But that opens up its own can of worms.
Yup. For example, the first time someone takes their computer home and doesn't log not the network they panic that all their files are gone. The fix: Save everything to the desktop.
Network goes down. Solution: Save everything to the desktop
The solution isn't technical, even though that is the approach often taken. The problem is that users do not understand how backups work, how to access networks remotely, etc.; and organization do not want to spend money to actually train them as well as come up with a backup solution that actually works. Users just want to get work done and don't care where and how stuff is backed up, as long as it doesn't make their life harder when using the computer.
The lack of training goes beyond backups. I've helped friends by showing them how tehy can add page numbers to documents rather than number them one page at a time; showed them how you can merge an Excel file into Word so that it fills out the appropriate sections instead of cutting and pasting one cell at a time, etc. One person didn't even realize they could save document under a different name. Some simple things, others not so simple; but all point to a failure to realize where a problem exists. It's easy to say "they can learn" but the reality is people will find one way to do a task and continue to do it that way even if it is painful.
Sometimes you can see the train wreck coming. I was working with a company that was installing a brand new financial system. When I laid out the training requirements (which were a lot because there would be entirely new screens, process, old ways to fix errors would no longer work, changes in access, etc.) I got "We don't need all of that. It's still a facial system so it should only take a couple of hours to learn. Oh, and by the way, the help desk won't be ready by go live." I ran away as fast as I could. Last I heard they abandoned the project after much time, money and effort and the IT head got canned.
I'm a consultant - I convert gibberish into cash-flow.