After hackers took control of much of the city of Atlanta’s computer network more than a week and a half ago, a cybersecurity researcher says there’s “a reason to worry” about the attacks targeting other major cities, including Austin.
The hack left Atlanta employees without access to their digital systems, leaving them with pen and paper to conduct official business. As of Monday morning, the city still doesn’t have full control back, and the hackers are demanding a $51,000 ransom to restore access.
Mark Loveless, a senior security researcher at Duo Security, a company with an office in Austin, told KXAN these types of ransomware attacks have “really flourished” and become “more sophisticated” in the last few years.
Common targets include schools and healthcare companies, with large troves of personal data they can’t afford to lose access to. Targeting a city like Atlanta changes the scale of the attack, Loveless said.
“It becomes a little more visible because it affects more people,” he said.
A city like Austin is likely better positioned than many others, he added, because of the tech infrastructure that exists here, but there are still “fundamental core problems” that leave city hall vulnerable to digital intrusion.
For example, the city’s five-year information technology strategic plan, published in 2014, focuses largely on updating and standardizing systems citywide, and not on the security of those systems. Loveless said that’s unusual.
Austin’s tech-savvy workforce might also work against city government security, he said. There’s a lot of competition for young tech workers, and companies around Austin, with their modern offices and other perks, are often more attractive to prospective employees than city government.
City council member Jimmy Flannigan told KXAN he’s “confident” the city’s IT staff is working to find and fix any holes in security that might allow an attack to happen, but his concerns are more with human error.
“Just using an insecure password can leave your entire system vulnerable,” said Flannigan, who worked in web development for 20 years before joining the council.
There’s evidence this particular ransomware attack has exploited weak passwords in past attacks, though it’s not clear if that was the case in Atlanta. Flannigan, unlike the security researcher, worried that Austin’s reputation as a tech hub might give city employees a false sense of security.
“And I think one can assume that there’s probably one person in city government who’s using the word ‘password’ as their password,” Flannigan said, “and we want to make sure that that’s not the case, either.”
Duo Security was at one point in talks with the city to provide two-factor authentication services, Loveless said, which reduces the likelihood that a weak password would provide access to hackers, but it’s not clear if the city has plans to implement such a system.
KXAN reached out to the city’s public information office to ask if there are plans to upgrade security in the wake of the Atlanta attack, but did not hear back.
Comment on this story below: