Hackers Shut Down Atlanta Government’s Computers and Demand Bitcoin


On Thursday morning, around 5am EST, the city of Atlanta, Georgia lost control of its computer networks. Hackers shut down key systems across computers on the city’s networks, preventing the city from processing court payments or accessing courthouse information in one of the boldest ransomwareattacks to date.

Mayor Keisha Lance Bottoms, announced the hack in a press conference Thursday, stating that officials “don’t know the extent of the attack,” but that anyone who has done business with the city—both consumers and businesses—is potentially at risk. “We don’t know the extent or if anyone’s personal data or bank accounts will be compromised,” she said. “All of us are subject to this attack.”

The FBI’s Atlanta field office is working with the city to try and remedy the situation, and they’ve tasked a team of cybercrime investigators with tracking down the source of the ransomware.
Hackers sent a list of demands along with instructions:

“Send .8 bitcoins for each computer or 6 bitcoins for all of the computers. (The equivalent of around $51,000.)
After the .8 bitcoin is sent, leave a comment on their website with the provided host name. They’ll then reply to the comment with a decryption software. When you run that all of the encrypted files will be recovered.”

The City of Atlanta’s official account tweeted shortly after:

“The City of Atlanta is currently experiencing outages on various customer-facing applications, including some that customers may use to pay bills or access court-related information. Our @ATL_AIM team is working diligently with support from Microsoft to resolve this issue. Atlantaga.gov remains accessible. We will post any updates as we receive them. Thank you for your patience.”

Public safety and airport operations have remained unaffected, according to Atlanta COO Richard Cox. As of today, the FBI hasn’t reported having any leads or suspects, and they’ve brought the U.S. Department of Homeland Security, along with Microsoft and the Secret Service to determine the depth of the breach and how to resolve it.

However, Hartsfield-Jackson Atlanta International Airport has temporarily shut down its Wi-Fi network and disabled parts of its website as a precautionary measure. Atlanta is one of the busiest airports in the world, so the precautions have made an already frustrating experience all the more miserable for travelers. The airport’s website, including flight information, has been disabled and visitors to the site are greeted with the following message, “We are currently experiencing website difficulties. Security line wait times and flight information may not be accurate.”

Atlanta isn’t the first American city to be hit by ransomware. Last December, officials in Mecklenburg county, N.C., and the State’s capital, Charlotte discovered their networks had been taken over by ransomware. They refused to pay the ransom, and lost all their data in the process.