Photo: AP

“We are dealing with a hostage situation,” Atlanta’s Mayor Keisha Lance Bottoms told reporters this week as her government, the target of a malicious cyberattack, ground to a halt.

Residents were kept from paying their bills, and those trying to go online to switch on water services at new homes have been left with dry taps. Municipal courts, too, have been closed, meaning parking tickets and other citations are going unpaid.


But all in all, it could’ve been much worse.

City employees, at least, are still getting paid, and no one was hurt. Past attacks, such as those in London last year, have left hospitals frantically transferring patients and redirecting the injured away from affected emergency rooms.

On Tuesday, Atlanta began turning its computers and printers back on, though the Hartsfield-Jackson Atlanta International Airport kept its free wi-fi service offline out of an “abundance of caution.” An outbreak at the airport could be a disaster, particularly if the infection compromised unsuspecting travelers en route to other cities, where more potentially vulnerable systems await.

In Baltimore, Maryland, less than 700 miles to the northeast, a ransomware attack temporarily crippled the city’s 911 dispatch system, official said Wednesday.


The Atlanta attack, discovered on March 22nd, was followed by a demand: $51,000 in bitcoin. Authorities have not said whether the payment has or will be made. Surrendering, some experts believe with obvious justification, will only encourage future attacks against local governments.


At a news conference Thursday, Atlanta officials said some of the city’s data had been encrypted. The origin of the attack remains unknown and the extent of the compromise is still being evaluated. While at press time the city believes that no personally identifiable information has been stolen, as a precaution, it is operating and investigating the matter as if it were.

SecureWorks, a private company, was brought in to investigate and is working alongside the FBI, Secret Service, and Homeland Security. On Monday, SecureWorks CEO Mike Cote told reporters that its investigation had been completed and that the recovery phrase was underway.


Every aspect of the city’s response will be scrutinized in preparation for the next attack, which is assured to happen in the days, weeks, or at most, months ahead. “Just as much as we really focus on our physical infrastructure, we need to focus on the security of our digital infrastructure,” Bottoms told reporters this week.

“I am looking forward to us really being a national model of how cities can shore themselves up and be stronger because of it,” she said.


The FBI’s Atlanta field office could not be immediately reached for comment.

Senior Reporter, Privacy & Security

Share This Story

Get our newsletter