Another city gets hacked. With paper and phones, Atlanta struggles to recover from cyber attack
Atlanta’s top officials holed up in their offices on Saturday as they worked to restore critical systems knocked out by a nine-day-old cyber attack that plunged the Southeastern U.S. metropolis into technological chaos and forced some city workers to revert to paper.
More cities get targeted because they tempting targets to people who want to make a name, and they are not taking security seriously. Or at least not putting the money into security.
The attack is by the SamSam virus. It is slightly more sophisticated than WannaCry.
First identified in 2015, SamSam’s advantages are conceptual as well as technical, and hackers make hundreds of thousands, even millions of dollars a year by launching SamSam attacks. Unlike many ransomware variants that spread through phishing or online scams and require an individual to inadvertently run a malicious program on a PC (which can then start a chain reaction across a network), SamSam infiltrates by exploiting vulnerabilities or guessing weak passwords in a target’s public-facing systems, and then uses mechanisms like the popular Mimikatz password discovery tool to start to gain control of a network.
In this day of readily-available of password-managers, that will generate as complex a password as the system can handle, there is NO Reason that a public-facing system should have “weak passwords.” Though it is a little more complicated than that. The way people administer groups of employees is, in all too many cases, flawed. (Problems with Windows Don’t Help.) And if anything is immune to change, it a bureaucrat in a .gov department who can’t be bothered about those stupid folks in IT who have NO IDEA what they do to run the city.