INCIDENT: Ransomware Attack Shuts Down City of Atlanta, GA,

On March 22, 2018, Atlanta’s connected systems city-wide were hit with a ransomware message locking their respective files and demanding an approximately $50,000 payment in bitcoin (the price has fluctuated since). The ransomware is believed to be from the group known as SamSam, which has been operating and executing similar attacks since at least 2015. Atlanta residents were unable to do simple city system-dependent tasks like paying parking tickets or utility bills. City employees didn’t get the all-clear to turn on their computers until five days later and many city systems still have not recovered. The cyberattack took more than one-third of Atlanta’s 424 software programs offline or partially offline. The first month of recovery cost almost $3 million.

Incident Date

March 22, 2018

Location

United States

Estimated Cost

$50,000 in Bitcoin demanded.

Type of Malware:

Threat Source:

No threat source identified

References:

  • How Atlanta’s CIO rebuilt IT after the city’s cyberattack — and what’s next
  • A Cyberattack Hobbles Atlanta, and Security Experts Shudder

Industries:

Impacts

IT

Pin It on Pinterest

Scroll to Top
Scroll to Top