Atlanta suffered one of the highest profile cyberattacks against a U.S, target when the ransomeware virus SamSam wreaked havoc on nearly every part of the city government.
The virus infected financial systems, court systems, customer relationship systems, and service desk systems, resulting in a massive loss of data that needed to be recovered. When logging on to these systems, employees were greeted with an anonymous request for a bitcoin payment amounting to $51,000.
A system audit prior to the attack showed that nearly 100 government servers were running a version of Windows that Microsoft stopped supporting years earlier and as many as 2,000 other vulnerabilities turned up, making Atlanta a prime target.
The initial recovery steps were to implement fundamental practices including better password management and greater restrictions on access to sensitive systems. In addition, the city migrated many critical applications to a hybrid cloud service to improve security.
State and local governments need to develop a collaborative action plan ahead of time in order to effectively respond to ransomware and similar cyberattacks.
Summarized from StateScoop