Virginia Tech expert says ransomware attack on Atlanta is just the beginning
As the city of Atlanta’s online data is still being held hostage by ransomware hackers, expert David Raymond explains how attacks like this could be merely the tip of the iceberg unless cities proactively seek network security.
“Ransomware attacks on city governments have become very popular over the last few years as it’s proven to be profitable since cities generally lack overarching security networks,” said Raymond, director of the Virginia Cyber Range and deputy director of Virginia Tech’s IT Security Lab.
Another data breach affecting the city of Baltimore’s 911 emergency dispatch system occurred the morning of Saturday, March 24.
Atlanta’s online data was breached and placed behind an encrypted firewall on the morning of Thursday, March 22. The hackers are demanding $51,000 in the form of bitcoin in exchange for the return of city’s the network information. City officials have not revealed a great amount of information on the breach to the public since gaining knowledge of its origin.
Raymond on the ransomware attack
“Future cyberattacks on city governments such as the one on Atlanta will continue to happen as long as hackers can make a profit off of their efforts.”
“An organization can survive a ransomware attack if they have their data backed up. The dilemma of a ransomware attack is presented if rebooting that backed up data is more expensive than paying the hackers or if the breached data isn’t backed up at all. Additionally, a conflict of interest exists in that there might be a sense of never giving into or paying a terrorist. If Atlanta does pay its hackers, it could encourage other hackers to engage in this type of cyberattack as it would deem successful and profitable for the perpetrators in this scenario.”
“It’s not surprising that cities haven’t been proactive in establishing secure data networks because of the copious other areas of concern which cities are responsible for. They typically don’t consider the negative implications of lacking sufficient data security until something bad happens.”