Fulton County government systems still down due to cyberattack | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker


Many Fulton government systems in addition to the library’s public computers remained down following the weekend’s cyberattack. Phones at county offices are out and several offices — including elections, the tax commissioner, Superior Court clerk, county service centers and Probate Court service centers — are all closed.

Only satellite offices for license tag renewals are open, said county spokeswoman Jessica Corbitt. Tags can also be renewed at the automated kiosks in various locations. Courts are operating with “backup processes,” but online public functions aren’t working.

Matt Coggin is hoping he’s close to securing a liquor license for the Roswell Road location of his DBA Barbecue.

“I’m supposed to go before the liquor review board Monday or Tuesday,” said Coggin, who’s been following coverage of Fulton County’s digital woes. “I’m scared, but I’m going to keep my fingers crossed. We’re kind of near the end.”

DBA already operates a Virginia-Highland location and Coggin is hopeful the tech wreck will be over quickly.

“I’m optimistic this will all be cleared up soon,” he said. “I’m feeling lucky.”

Credit: Provided

icon to expand image

Credit: Provided

Few details have been released about the attack. Many county offices were closed Monday, when County Commission Chair Robb Pitts confirmed there had been a “cybersecurity incident” over the weekend. He said he didn’t know when county functions would be restored.

“At this time we are not aware of any transfer of sensitive information about Fulton County citizens or employees,” Pitts said.

Law enforcement is investigating, and county officials don’t expect to release much more information while that continues.

The lack of details released so far makes it hard to tell the scope and effects of the attack, said cybersecurity expert Brendan Saltaformaggio, associate professor at Georgia Tech’s School of Cybersecurity & Privacy.

“I really would encourage Fulton to get that information out to the public as quickly as they can,” he said.

What stands out to Saltaformaggio so far is the “big spread of systems” that were affected. That could be due to one very broad-based attack or several small ones, likely all from the same source.

“Perhaps the attacker didn’t have a huge foothold in the network, just a couple little backdoors, and used them for what they could,” Saltaformaggio said.

It could take “weeks or months” to figure out who’s behind it, he said.

“It could be anyone from a brilliant computer programmer here in the U.S. to nation-states around the world,” Saltaformaggio said. It’s possible the hacker may not even have known beforehand they were getting into a county computer system, he said.

The city of Atlanta suffered a devastating cyber attack in 2018 that cost taxpayers millions of dollars. Two Iranian citizens were eventually charged in that ransomware attack.

Speculation of a political motive for the attack is premature, but that’s certainly a possibility, Saltaformaggio said. Fulton District Attorney Fani Willis’ office has faced dozens of threats related to the prosecution of former President Donald Trump and associates on charges of interfering in Georgia’s 2020 presidential election. Because the attack is so widespread, it’s more likely that Willis’ network is just caught up in it, according to Saltaformaggio.

There is a “very good possibility” it’s a ransomware attack, Saltaformaggio said.

“Local governments are in a particularly vulnerable position relative to cyberattacks,” he said. “I see the data every day, and the data shows cyberattacks are not slowing down.”

Henry County schools suffered a similar attack in November. District officials said on Monday that is has restored internet to all schools as of Jan. 16, more than two months after the district cut connections to the web because of suspicious activity on its servers.

The school system of 43,000 students has said that it was hacked by “a criminal operation operating outside the United States,” but has yet to report whether there was a ransomware demand.

The district took its internet offline on Nov. 9, which forced staff — including teachers, principals and administrators — to pull out analog tools for classrooms, such as overhead projectors, calculators and paper and pen.

The DeKalb County School District said a 2019 security breach of a school nutrition technology services company may have exposed the personal information of select students. More recently, the Walker School, a private institution in Cobb County, alerted more than 1,000 people that their names, addresses and Social Security numbers were stolen during an October computer hack.

“It’s my recommendation that no one ever pay ransom to ransomware,” Saltaformaggio said. “You are literally negotiating with terrorists.”

Fulton’s phone system went down because calls run through the county computer system. Customer service requests can still be made at [email protected].

Affected phone systems include the Fulton County Sheriff’s Office, according to that agency’s post on X, formerly Twitter.

“The outage is countywide, so all departments are affected,” the post says. The sheriff’s office can still be contacted via email at [email protected].

The county’s news release said various legal transactions “may be limited” during the outage, including firearm and marriage licenses.

AJC reporter Leon Stafford contributed to this report.

——————————————————–


Click Here For The Original Story From This Source.

National Cyber Security

FREE
VIEW