Content, Breach, Ransomware

Atlanta Ransomware Attack Delays City’s 2019 Budget Process

Atlanta Mayor Keisha Lance Bottoms
Atlanta Mayor Keisha Lance Bottoms

A ransomware attack has delayed the City of Atlanta's 2019 budget process, according to Reuters. Mayor Keisha Lance Bottoms was due to make her first budget pitch no later than the first Atlanta city council meeting in May in advance of the fiscal year beginning July 1. However, it remains unclear when Lance Bottoms will present a 2019 budget proposal to the Atlanta city council.

The City of Atlanta ransomware attack compromised Atlanta's budget planning system for weeks, Reuters reported. Meanwhile, many Atlanta computer systems are still affected by the attack.

City of Atlanta employees discovered a ransomware attack on March 22. At that time, cybercriminals demanded a ransom of about $50,000 in bitcoin to decrypt the Atlanta government's systems.

Atlanta Government Spends More Than $5M on Ransomware Attack Recovery

To date, the Atlanta government has approved more than $5 million in emergency cybersecurity contracts following the ransomware attack, according to the city's Department of Procurement. Emergency cybersecurity contracts were awarded to SecureWorks (a Top 100 MSSP) and Microsoft, among others.

The City of Atlanta also has created a cross-functional incident response team that includes city officials, law enforcement, the FBI, U.S. Department of Homeland Security (DHS), U.S. Secret Service and independent forensics experts. This team is assessing the ransomware attack and evaluating ways to protect the city against future cyberattacks.

In addition, the City of Atlanta is working with private and governmental partners to investigate the ransomware attack. The extent of the compromise is still being investigated, city officials indicated.

What Can MSSPs Learn from the Atlanta Ransomware Attack?

The Atlanta ransomware attack highlights the dangers of being unprepared to deal with cyberattacks. Fortunately, MSSPs can help organizations plan ahead for cyberattacks and ensure they know what to do if ransomware, malware or other cyber threats penetrate their infrastructure.

Furthermore, artificial intelligence-based threat protection solutions firm Cylance indicated there are many tried-and-true best practices that MSSPs can recommend to help organizations safeguard their data, networks and systems against cyberattacks. These best practices include:

  • Limit remote access.
  • Manage user access and permissions within an IT environment.
  • Teach employees about social engineering, phishing and other cyberattacks.
  • Update hardware and software regularly.

MSSPs also can provide organizations with valuable cybersecurity resources. By doing so, MSSPs can help organizations keep pace with rapidly evolving cyber threats and stop cyberattacks before they escalate.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.