Skip to main content
close search
site logo
Dive Brief

'Cattle-not-pet' system management could have prevented Atlanta's ransomware attack

Published June 11, 2018
Samantha Schwartz's headshot
Samantha Schwartz Reporter
Gratisography; Ryan McGuire

First published on

CIO Dive

Dive Brief:

  • Atlanta's March ransomware attack is leading many to believe this is the worst cyberattack on a U.S. city to date, reports Reuters. Police and court services are still dealing with the impact and about 30% of applications are in "mission critical" states, according to Daphne Rackley, the city's head of information management, speaking to the Atlanta City Council. 

  • For example, only six of 77 computers consisting of a decade's worth of legal documentation were maintained from the attack, according to interim City Attorney Nina Hickson. The police department's dash cam footage was also unrecoverable.

  • Rackley is projecting nearly $10 million more in recovery costs. Prior to the hacking, Atlanta Mayor Keisha Lance Bottoms previously proposed a budget of $35 million for the city's technology, according to Reuters.

Dive Insight:

The city had thought no critical systems were impacted from the cyberattack but as the investigation continues more damages have been revealed. The costs are mounting and the city already paid $2.7 million in recovery from March 22 to April 2.

Atlanta's attackers used a password discovery tool to "move laterally through a network" in public-facing systems with insufficient credentials, according to Adam Firestone, chief engineering officer at Secure Channels Inc., in an emailed statement to CIO Dive. Atlanta needed a refreshed vulnerability assessment to flag shortcomings like weak passwords.

Experts have attributed Atlanta's attack to the hacker group known as SamSam. The group has a reputation of demanding a ransom that is presumably within a victim's means, but Georgia's capital maintains it did not pay the approximately $50,000 worth of bitcoin the ransom demanded.

Ransomware attacks like Atlanta's are most damaging to entities that treat their systems, such as servers or workstations, "like cattle, not pets," said Firestone. This means instead of tending to a sick system, IT can just eliminate what is threatening the rest of the system or "herd." The benefit of modernizing systems gives the metaphorical sick cow a second chance at life with a backup.

"Deterrence by denial is as effective in cyberspace as it is in physical space," according to Firestone, and "malicious actors can be effectively deterred by simple economics." If organizations in the public or private sector are able to decrease an attacker's return on investment, they can also lower their chances of becoming a hacker's target.

The loss of some data is "inevitable," in most cyberattacks according to Firestone. But a virtualized server would equate to a downtime of mere minutes, which undermines the urgency rooted in ransomware-related outages and the notion of paying a ransom.

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release

Want to share a company announcement with your peers?

Share your announcement

Editors' picks
Latest in Climate & Resilience
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell