Atlanta, Hit by Ransomware Attack, Also Fell Victim To Leaked NSA Exploits (zdnet.com)
Zack Whittaker, reporting for ZDNet: It's been almost a week since the City of Atlanta was hit by a ransomware attack, which encrypted city data and led to the shutdown of some services. Mayor Keisha Lance Bottoms said in a press conference Monday that the city's government is working on recovering the network after ransom notes appeared on computer displays on Thursday afternoon. The city has hired local cybersecurity firm SecureWorks to assess the situation. Reports say the notorious SamSam ransomware was used in the Atlanta attack, which exploits a deserialization vulnerability in Java-based servers.
[...] But according to one security firm, last week's cyberattack was not a surprise because the city had fallen victim to leaked government exploits used in the WannaCry outbreak. New data provided by Augusta, Ga.-based cybersecurity firm Rendition Infosec, seen by ZDNet, shows that the city's network was silently infected last year with leaked exploits developed by the National Security Agency. The cybersecurity firm's founder Jake Williams said at least five internet-facing city servers were infected with the NSA-developed DoublePulsar backdoor in late April to early May 2017. That was more than a month after Microsoft released critical patches for the exploits and urged users to install.
So while the NSA also failed to keep citizens safe it now is shown to have directly contributed to an attack on its own government.
Well done!
As a longtime resident of Atlanta (almost 30 years), I can say the incompetence and corruption of the Atlanta city government is well known around here. The higher up people are mostly political cronies who have no idea what they're doing.
Not to impugn the character of the rank-and-file IT workers. No doubt they're doing the best they can with what little the city gives them to work with. If an investigation were launched -- and it never will be -- I have little doubt it would find IT has been screaming for funds to get proper security and backups implemented and those screams have been ignored. Why spend money on IT security when you can spend it on a worthless streetcar system nobody uses? Or perhaps an entertainment venue in the middle of a crime-ridden area nobody wanted to go to? Or how about a mini-golf "fun park" nobody wanted to visit in downtown Atlanta?
All these fiascos were paid for in whole or in part by Atlanta taxpayers and always seemed to get built and run by people really friendly with Atlanta politicians. Nah, no corruption to see here folks. Move along and keep electing the same morons every time the elections come along.
In the end they will lay their freedom at our feet and say to us, Make us your slaves, but feed us. - Fyodor Dostoyevsky