Slashdot Mirror


WiFi Phishing Attacks Discovered Around Atlanta City Hall (helpnetsecurity.com)

As Atlanta continues to fully recover from March's ransomware attack, new evidence discovered today by Coronet reveals hundreds of active Wi-Fi phishing attacks currently ongoing both inside of and in close proximity to Atlanta City Hall. From a report: The research also found attacks currently underway in Georgia's State Capitol Building, which is just a few blocks away. In total, Coronet identified 678 active threats within a 5-mile radius of Atlanta's City Hall. Specifically, Coronet has validated that an undetermined number of attackers are currently deploying advanced phishing techniques, including but not limited to Evil Twins, Captive Portals and ARP poisoning, in what is likely their attempt to gain unauthorized access to user credentials to cloud services that the government relies on for daily business operations and continuity.

16 comments

  1. Closed by jfdavis668 · · Score: 1

    Gone phishin'

  2. Ransomware attack by olsmeister · · Score: 3, Funny

    Ransomware really isn't so much of an attack... as it is shooting yourself in the foot.

    1. Re:Ransomware attack by nuckfuts · · Score: 0

      What an arrogant assertion. You think you're so smart you're invulnerable to attack? You think your computer is invulnerable to attack? You think your network is invulnerable to attack? Think again.

    2. Re:Ransomware attack by Anonymous Coward · · Score: 0

      What an arrogant assertion. You think you're so smart you're invulnerable to attack? You think your computer is invulnerable to attack? You think your network is invulnerable to attack? Think again.

      I don't believe that's what olsmeister meant by their statement. They don't say that it isn't dangerous, instead comparing it to hurting yourself by accident. It still causes damage, and it can still happen, but it is more preventable than some other forms of malware. However, the distinction must be made in how the ransomware is distributed, as that is what determines whether or not you can blame someone for "shooting [themselves] in the foot". But I digress.

    3. Re:Ransomware attack by Anonymous Coward · · Score: 0

      Nope, I don't think so on all counts, but what I do have is a proper backup schedule, which means that at the worst I lose 8 hours of work. Security isn't just about making it tough for the bad people to get in but also about being prepared for when they do! So no, the parent comment was not arrogant at all, you are just hypersensitive!

      I operate based on the idea that given enough time, everyone gets hacked and the worst case scenario is a complete loss of data. Therefore anyone who does not have a proper backup routine running is pretty much shooting themselves in the foot. Anything else is just plain negligence on the part of all the professionals involved in securing said computing resources, as a proper backup routine is one of the easiest things to implement.

    4. Re:Ransomware attack by Anonymous Coward · · Score: 0

      Nope, I don't think so on all counts, but what I do have is a proper backup schedule, which means that at the worst I lose 8 hours of work.

      So long as the ransomware is primitive. If not, those backups you have been doing for the last few months have already been encrypted.

    5. Re: Ransomware attack by Anonymous Coward · · Score: 0

      How the hell would a ransomware on my PC affect the data backups I pull via rsync from a different box with different credentials and snapshot with ZFS, emailing myself a summary which would reveal unexpectedly massive deltas in the case of infection?

      I don't care if I lose my Windows notepad.exe, I can reimage/reinstall it. That's an annoyance to be sure, but hardly a major loss.

      If all you do is copy stuff to a raid mirror or a local usb back... That's copying data, not backing it up.
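The delta check that commenter describes, sketched as an added example (not code from the thread): it reads the summary that `rsync --stats` prints after a pull and flags a run that rewrote an unusually large share of the data. The 20% threshold and both sample summaries are constructed assumptions.

```shell
#!/bin/sh
# Added example: judge one backup pull by its `rsync --stats` summary.
# MAX_PCT is an assumed threshold; tune it to the normal daily churn.
MAX_PCT=${MAX_PCT:-20}

# Constructed sample summaries (only the lines this check reads).
SAMPLE_NORMAL='Number of regular files transferred: 312
Total file size: 9,812,345,678 bytes
Total transferred file size: 41,234,567 bytes'

SAMPLE_INFECTED='Number of regular files transferred: 44,870
Total file size: 9,812,345,678 bytes
Total transferred file size: 9,640,000,000 bytes'

# Print the first number after "<label>: ", thousands separators removed.
stat_value() {
  awk -F': ' -v label="$1" \
    '$1 == label { gsub(/,/, "", $2); split($2, f, " "); print f[1]; exit }'
}

# check_delta STATS_TEXT
# returns 0 = normal delta, 1 = suspiciously large delta, 2 = stats unreadable
check_delta() {
  cd_total=$(printf '%s\n' "$1" | stat_value "Total file size")
  cd_moved=$(printf '%s\n' "$1" | stat_value "Total transferred file size")
  for cd_n in "$cd_total" "$cd_moved"; do
    # A missing or non-numeric field means the run cannot be judged.
    case "$cd_n" in ''|*[!0-9]*) return 2 ;; esac
  done
  [ "$cd_total" -gt 0 ] || return 2
  cd_pct=$(( cd_moved * 100 / cd_total ))
  echo "transferred ${cd_pct}% of ${cd_total} bytes"
  [ "$cd_pct" -le "$MAX_PCT" ]
}

# A failed check should stop snapshot pruning until someone has looked.
check_delta "$SAMPLE_NORMAL"   || echo "ALERT: keep old snapshots, investigate source"
check_delta "$SAMPLE_INFECTED" || echo "ALERT: keep old snapshots, investigate source"
```

An unreadable summary returns 2 and is treated as a failure too, so a broken or tampered report never passes as a quiet day.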

  3. get the word out by Anonymous Coward · · Score: 0

    Bourdain was killed

    1. Re: get the word out by Anonymous Coward · · Score: 0

      The guy ate scorpions on a stick and deep fried centipedes so who the hell can tell... maybe Bin Laden did it... ae911truth org

  4. Coronet? by Anonymous Coward · · Score: 0

    I thought Coronet was a 5&dime store in the 60s

  5. Counter surveillance? by AHuxley · · Score: 1

    A real time database of all city contractors, police, lawyers, workers, informants, undercover police, code enforcers, police?
    Every person near the site would have had face, registration plate, passenger face, daily drive, phone details kept.
    Someone enters a part of the city and their phone has been near city hall a few times? Undercover.
    Phone is near city hall everyday? City worker, contractor is "working".
    The code pushed is just cover to get the networks and devices reporting location and unique details. The real work is in the workers' later movements in real time.

    Who does this "tech" effort on a US city?
    Gig economy company tired of city "laws" and their new gig services getting too much city enforcement.
    Find all the city workers and just avoid enforcement efforts in real time as every city worker, undercover is now "discovered".
    Criminals and cults/faith groups just apply for a city job/contract work and spy with "workers" for generations from within. Low risk of detection as they work for the city for decades.
    Other nations just spy with their own generations of workers deep in the US gov at a city, state level. Split loyalty and US city workers report back to their own nations/faith. No risk of detection.
    Criminals and other nations' spies would not do this tech effort as it induces a search for well placed spies/criminals. Why do the one thing with tech to alert US law enforcement when spies/criminals/cults/faith groups are in place for decades reporting back without discovery?
    Someone needs the real time movement patterns of all city workers and undercover city police work.

    How to avoid this at a city level? Ensure no undercover city worker/police ever goes near city hall. No cell phone, no computer ip, no contact. No digital detection and it's all good to stay undercover.
    The way the FBI rents a part of a secure building under a random company name. They can then work out of that office for years and it's just another company with office workers.

    --
    Domestic spying is now "Benign Information Gathering"

    1. Re: Counter surveillance? by Nidi62 · · Score: 1

      APD headquarters isn't near the capitol building in Atlanta.

      --
      The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil

    2. Re: Counter surveillance? by AHuxley · · Score: 1

      That's why the list of people of interest moving around a city hall has terms like "city contractors", "code enforcers"...
      Could it be internal affairs? The FBI using random "malware" as a cover for a cyber task force looking at the inner workings of city hall? Someone has put some money and effort into most things digital around city hall?
      What has city hall got that some tourist, wealthy cafe part of a city would not have? If it was just criminals looking for instant wealth cyber crime?

      --
      Domestic spying is now "Benign Information Gathering"

    3. Re: Counter surveillance? by UsuallyReasonable · · Score: 1

      "Could it be internal affairs? The FBI using random "malware" as a cover for a cyber task force looking at the inner workings of city hall?" Yes I wondered that too. It seems like an odd target otherwise.

    4. Re: Counter surveillance? by AHuxley · · Score: 1

      Much more wealthy areas of the USA than the type of people who are given work for the city government.
      Criminal does not fit well if it's for max wealth in min time from pushed out malware.
      Who would notice another "free" wifi offer with lots of malware in a wealthy part of a city?
      So the effort for that cost must be the gathering of another type of data of value.
      Someone wants someone trusted to carry extra malware into work with them and is in a hurry to infect most city workers most of the time?
      Why risk a detectable mass effort when a few workers could be approached in a hidden way for a much more clandestine effort nobody would detect in the wild until after the results?
      Federal pen testing gone extra large to finally get the city to notice?
      A mass infection range that needs months to uncover to cover the deeper direct malware?

      --
      Domestic spying is now "Benign Information Gathering"

  6. Security is a process. by Anonymous Coward · · Score: 0

    So turn off WiFi then, or at least implement WPA2 enterprise. Public networks completely separate, and fire-walled forward and backward, egress and ingress.