Five days after a cyberattack forced City of Atlanta employees to turn off their computers to preserve the cityâs network, officials declined to provide the public any new significant detail about the attackâs origin on Monday.
At a press conference at City Hall, an outside computer security consultant for the City of Atlanta said that his firm had completed the âinvestigation and containment phasesâ in response to the cyber attack.
âWe are transitioning into the recovery phase to include the methodical restoration of critical systems,â said Michael R. Cote, President & CEO of Secureworks, an Atlanta-based firm called in to assist the city.
But as Atlanta Mayor Keisha Lance Bottoms faced questions about what vulnerabilities the investigation uncovered, Cote interrupted a reporter and appeared to contradict his earlier statement.
âExcuse me, excuse me, the investigation is not complete,â Cote said. âWe started the early phases of the investigation. We still have a lot of work to do. We are beginning to move into the recovery phase. So there is multiple phases when you do an incident response investigation.â
Cote said he knew who was behind the attack, but declined to identify them.
The city's Department of Atlanta Information Management at 5:40 a.m. Thursday learned of outages of various internal and customer applications "including some applications customers use to pay bills or access court related information," according to a statement from Richard Cox, the city's interim Chief of Operations.
The public safety department, water services and flights out of Hartsfield-Jackson Atlanta International Airport operated without incident, Cox said.
However, the airport turned off its wifi following the hack and some tools on the airportâs website were down, such as security wait times and flight information.
âWhile we arenât directly affected by the cyberattack, we are being abundantly cautious and have taken these systems offline,â Atlanta airport spokesman Reese McCranie said.
âWhile we arenât directly affected by the cyberattack, we are being abundantly cautious and have taken these systems offline,â Atlanta airport spokesman Reese McCranie said.
Bottoms said that city officials hadn't found any evidence that sensitive employee or public data had been compromised in the Thursday attack. Still she urged employees and residents to monitor their accounts and credit activity.
She also did not rule out paying a $51,000 ransom being demanded to unlock the cityâs computer system.
Bottoms compared the attack to a âhostage situationâ and argued that the city couldnât give away too much information.
âWe are working around the clock,â she said. âWe just continue to ask the public to be patient.â
Employees in five of the cityâs 13 departments are performing their jobs âmanually,â or are not able to function as efficiently as they have in the past.
Those departments include: Corrections, Watershed Management, Human Resources, Parks and Recreation and City Planning.
The Department of Watershed Management is unable to accept bill payments online or in person or process new water meter sales.
âThis is really much bigger than a ransomware attack,â Bottoms said. âThis was an attack on our government, which means it was an attack on all of us.â
About the Author
