Slashdot Mirror

← Back to Stories (view on slashdot.org)

Atlanta Still Struggles To Recover From Ransomware Attack (reuters.com)

Posted by EditorDavid on from the old-school-analog dept.

An anonymous reader quotes Reuters: Atlanta's top officials holed up in their offices on Saturday as they worked to restore critical systems knocked out by a nine-day-old cyber attack that plunged the Southeastern U.S. metropolis into technological chaos and forced some city workers to revert to paper... Police and other public servants have spent the past week trying to piece together their digital work lives, recreating audit spreadsheets and conducting business on mobile phones in response to one of the most devastating "ransomware" virus attacks to hit an American city. Three city council staffers have been sharing a single clunky personal laptop brought in after cyber extortionists attacked Atlanta's computer network with a virus that scrambled data and still prevents access to critical systems. "It's extraordinarily frustrating," said Councilman Howard Shook, whose office lost 16 years of digital records...

City officials have declined to discuss the extent of damage beyond disclosed outages that have shut down some services at municipal offices, including courts and the water department. Nearly 6 million people live in the Atlanta metropolitan area... Atlanta police returned to taking written case notes and have lost access to some investigative databases, department spokesman Carlos Campos told Reuters... Meanwhile, some city employees complained they have been left in the dark, unsure when it is safe to turn on their computers. "We don't know anything," said one frustrated employee as she left for a lunch break on Friday.
"Our data management teams are working diligently to restore normal operations and functionalities to these systems," said a spokesperson for the police department, adding that they "hope to be back online in the very near future."

8 of 91 comments (clear)

  1. They should all be sacked. by Anonymous Coward · · Score: 5, Insightful

    They should all be sacked.
    Backups. Backups. Backups.
    Simple. Known process.
    Not done = sacked.

    1. Re:They should all be sacked. by jellomizer · · Score: 4, Insightful

      Unless you are working for a government agency with bosses who don’t want to fund your department.

      Backups cost money. Redundant off site hot failover systems cost more.
      Please explain to the general public on why the city should have computers running in hope you don’t need to use them. When they can use that money to feed the poor.

      I have done years of consulting and working across many agencies. And for nearly every agency the tech workers are not incompetent, I may disagree with their methods, but they know what they are talking about. The bosses on the other hand especially ones without technical background, see the IT departments as a cost center. So will invest the minimum necessary to keep it running. They don’t realize that their equipment is being attacked constantly and it is only matter of time until something gets across.

      Current I work in healthcare and luckily management invest a lot into IT. So when spyware hit we only suffered minor damage and had it restored running with 15 minuets of missing data. After that incident we in the IT area was livid, and doubled our efforts to stop it again.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    2. Re:They should all be sacked. by hey! · · Score: 3, Insightful

      If you think of security exclusively in terms of prevention you are in deep trouble.

      --
      Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
  2. Danny Droptables hits Atlanta? by deviated_prevert · · Score: 3, Insightful
    WTF? From the brief description what happened sounds like the "virus" spread instantly with a DB injection attack. A simple thing to do if vulnerable old VB6 scripted front end from 20 years ago is still shoe horned into an internet exposed db. Hell there are banks running VB6 coded garbage from 20 years ago and one wonders why we are still getting hosed. There are even a few banks here like the Bank of Nova Scotia that run backend XP desktops up until just a year ago because all of their key db software would only work with a really old activeX front end.

    We complain bitterly about problems with industrial espionage and yet we still cheap out and use crapware swiss cheese .Net garbage that hackers in China and Russian can drive a truck through.

    --
    This message was not sent from an iPhone because Peter Sellers really was a deviated prevert without a dime for the call
  3. Yes and no. by Anonymous Coward · · Score: 3, Insightful

    Yes, they should all be sacked.

    No, not the IT guys. The beancounters and managers who ignored their advice and failed to foresee the need for a proper backup management strategy for the city. IT knows this crap can happen, and IT tells Management about the need for proper backups, daily, weekly, monthly, on-site, off-site, and tape. We tell them RAID is not a backup strategy. WE tell them without backups their necks are in the noose when, not if, the shit hits the fan.

    Well, 9 days ago, the fan got crushed under 16 tons of Grade-A manure. And a LOT of necks are about to get wrung. Sure, IT will get fired, they always do. But this time, everyone who was against backups is gonna go down with them. Cause its not IT's fault the city chose not to have solid backup strategies in place with the vulnerabilities of today, that fault lies solely with everyone who said it was too expensive for no return, too much time for something that didn't make money, or that "education" would be enough protection so we don't need other solutions.

    1. Re:Yes and no. by Anonymous Coward · · Score: 2, Insightful

      Audits are completely useless and meaningless because:

      (a) The auditors are just as stupid and incompetent as the people they are auditing
      (2) If the auditors start flunking people and telling their clients that they are going to have to fix their shitty broken systems --- i.e., spend a lot of money -- they will quickly lose all their business. So, everyone passes their audits with flying colors.

      This, this, THIS. I briefly worked for a company that provided lockbox services for a number of banks, running them on a "cloud infrastructure" that was actually a number of ancient servers sharing an even more ancient SAN with a failing RAID card. The "data center" was located in an outside-facing suite in an office building next door connected via a single WiFi antenna, with a glass entry door with a single cylinder lock, no cameras/monitoring, no environmental monitoring, no fire suppression beyond the existing sprinkler system, no mantrap (you could clearly see the racked servers and UPSs from outside), and a way underpowered generator that hadn't been started at all in at least a year. Yet, they passed their SSAE 16 Type 2 audit with flying colors.

  4. kill the windows servers, and do backups by Anonymous Coward · · Score: 2, Insightful

    throw the windows servers in the trash.

    and do backups.

  5. Re:They should definitely regulate how businesses by Anonymous Coward · · Score: 0, Insightful

    And people think having these types of people that do business as the government regulating how businesses secure data would be so wonderful. Insane!

    Atlanta is over 80% black. A black-run city is not representative of the rest of the US. Read up about Atlanta sometime. It really is an American shithole in every conceivable way. But don't visit there. It's an incredibly dangerous place to be. Violent crime everywhere. Just like every other black-run nation and black-run city.

    I don't care if that's "offensive" I care about if it's true, and it is. Only overgrown children fail to deal with reality.