A ransomware cyberattack last Thursday forced the city of Atlanta to shut down substantial portions of its city government. Nearly a week later, things still aren’t back to normal as officials piece together the extent of the damage.
Government workers began to turn on their computers and printers yesterday for the first time since the attack effectively held their systems hostage.
“It is expected that some computers will operate as usual and employees will return to normal use,” the Atlanta mayor’s office said in a statement Tuesday. “It is also expected that some computers may be affected or affected in some way and employees will continue using manual or alternative processes. This is part of the City’s ongoing assessment as part of the restoration and recovery process.”
In those instances, employees will have to continue filling out forms by hand, the city’s statement added.
Atlanta has yet to publicly identify the hacker, but it did say the attack was carried out remotely and not by someone with internal access to the network. The so-called ransomware attack has held the network hostage, with the hackers demanding a ransom of $51,000, paid in bitcoin, for its release.
At a press conference Monday, Atlanta Mayor Keisha Lance Bottoms wouldn’t say if the city intended to pay the ransom. “Everything is up for discussion,” she said.
Of the city’s 13 departments, five were forced to operate “manually” or were otherwise impeded since the attack. As a result, residents have been unable to pay water bills and parking tickets online; the court system has been greatly disrupted; the city has been unable to hire anyone; and the Department of Corrections has had to process inmates by hand.
Atlanta’s Hartsfield-Jackson Airport ― the world’s busiest ― was unaffected by the attack; nevertheless, it’s turned off its wifi “out of an abundance of caution” until the situation is fully resolved.
“The safety and security of our employees and customers remains our top priority,” Mayor Bottoms said in an earlier statement. “We are working around the clock to work through this ransomware cyberattack and we ask for your patience as we implement business continuity measures.”