The Impact of Atlanta’s Ransomware Attack on Future Smart City Initiatives

Subscribe To Download This Insight

2Q 2018 | IN-5090

On March 22, 2018, a ransomware attack shut down the City of Atlanta’s online systems. The suspected group behind the attack is known for using SamSam ransomware and demanded a ransom payment of US$51,000 payable in Bitcoin within one week. To provide some context, Atlanta’s total fiscal year 2018 budget is US$649 million with US$2.2 million allocated toward Department of Information Technology projects. The ransom demand is a small drop in the bucket compared to Atlanta’s total annual expenses, and the attack itself follows the SamSam group’s method of operating by choosing targets that are more likely to pay and possess both weak security and sensitive information. While the group has collected over US$800,000 within the past few months by targeting healthcare, education, and government organizations, it is unclear whether or not the City of Atlanta will meet the hacker’s demands. Many organizations have been able to avoid paying the ransom by relying on backup files and systems, but other organizations have not been so fortunate or prepared. If organizations and local governments are unable to protect their legacy systems from these attacks, what chance do they have at stopping these types of attacks on the much newer Internet of Things (IoT) deployments?

Registered users can unlock up to five pieces of premium content each month.

Log in or register to unlock this Insight.

 

Ransomware Attacks Rising

NEWS


On March 22, 2018, a ransomware attack shut down the City of Atlanta’s online systems. The suspected group behind the attack is known for using SamSam ransomware and demanded a ransom payment of US$51,000 payable in Bitcoin within one week. To provide some context, Atlanta’s total fiscal year 2018 budget is US$649 million with US$2.2 million allocated toward Department of Information Technology projects. The ransom demand is a small drop in the bucket compared to Atlanta’s total annual expenses, and the attack itself follows the SamSam group’s method of operating by choosing targets that are more likely to pay and possess both weak security and sensitive information. While the group has collected over US$800,000 within the past few months by targeting healthcare, education, and government organizations, it is unclear whether or not the City of Atlanta will meet the hacker’s demands. Many organizations have been able to avoid paying the ransom by relying on backup files and systems, but other organizations have not been so fortunate or prepared. If organizations and local governments are unable to protect their legacy systems from these attacks, what chance do they have at stopping these types of attacks on the much newer Internet of Things (IoT) deployments?

Legacy Systems Still Vulnerable

IMPACT


Ransomware attacks on local governments are on the rise even as these governments are deploying smart city solutions. Existing systems are insecure, yet many of these organizations are moving forward with deploying thousands of devices, exponentially increasing the potential risk. The City of Atlanta was likely targeted due to weaknesses within its existing Information Technology (IT) security, which a recent audit revealed. According to auditors, significant levels of preventable risk existed in the form of long-standing issues that city employees got used to and did not have the time or resources to fix. The audit concluded that Atlanta had no formal processes to manage risk to its information systems. Other cities are likely vulnerable as well, but they too may not have the time or resources necessary to fix their systems before they are victims of a ransomware attack as well.

Protecting Thousands of Potential Access Points

RECOMMENDATIONS


While legacy systems remain vulnerable, device manufacturers and platform providers are working on providing secure device management options for local governments looking to deploy smart city solutions. Smart cities by their very nature are a collection of different vertical-centric, standalone subsystems that do not interwork with one another. For example, different departments within a local government, such as water or energy utilities, can have their own independent connected solutions that do not interwork. For smart city deployments, security is often being implemented via device management standards. Standards like oneM2M and LighweightM2M integrate different types of devices, networks, security frameworks, transport protocols, services, and data models into one platform by creating a horizontal framework that supports the interworking of these otherwise disparate solutions. The need for robust device management services in smart city applications will drive worldwide device management revenues within these applications from US$1.7 billion to US$3.2 billion in 2023.

It is easy for cyberattacks like this to take on a routine sort of post-modern inconvenience and to be filed away and forgotten about. However, governments and organizations alike have a responsibility to protect not only their own data but also the data of any customers or constituents, and they are repeatedly failing to do so. The City of Atlanta plans to spend US$649 million on a variety of projects and initiatives in 2018 but was unable to allocate the necessary resources to fix known, long-standing issues with its information technology security. Former Vice President of the United States Joe Biden famously stated, “Don’t tell me what you value, show me your budget, and I’ll tell you what you value.” Far too often, these organizations and municipalities do not truly value security and privacy, but moving forward, they need to implement proper security methods as well as implementing contingency plans.

Services