Georgia’s Largest County Is Still Repairing Damage From January Cyberattack

Georgia’s Largest County Is Still Repairing Damage From January Cyberattack

March 3, 2024 at 08:54AM

LockBit hackers disrupted government services in Georgia’s Fulton County by shutting down phone lines and threatening to release stolen data unless officials paid ransom. Despite law enforcement’s efforts to disrupt LockBit, the county is still working to restore services. The cyberattack did not affect the criminal case against former President Trump, and LockBit’s future remains uncertain.

Key Takeaways from the Meeting Notes:

1. Fulton County, Georgia, was targeted by the ransomware syndicate LockBit in late January, resulting in severe disruptions to government services including phone lines, vehicle registrations, and marriage licenses.

2. LockBit demanded ransom and threatened to release sensitive data, including residents’ personal information and potentially records related to the county’s criminal case against former President Donald Trump.

3. Despite disruptions and threats, Fulton County officials did not pay the ransom, and no data was publicly released by the hackers.

4. Law enforcement agencies disrupted LockBit’s operations, seized their systems, and made arrests, yet the group continued to threaten Fulton County.

5. Fulton County officials are still working to restore phone service and online systems, despite the county offices having reopened and resumed services to some extent.

6. The cyberattack did not impact the separate, highly secure system housing materials related to the election case against Trump, according to Fulton County District Attorney Fani Willis.

7. Experts believe that the takedown of LockBit may signal its demise as a ransomware syndicate, although it could potentially re-emerge under a new name with the same core members.

8. LockBit is known to have extracted significant sums from victims globally and accounted for a substantial portion of ransomware attacks involving stolen data for extortion.

9. The cyberattack led to widespread disruptions in Fulton County, affecting services such as incident reporting, jail detainee processing, online utility bill payments, accessing property records, and issuing certain certificates and permits.

10. Significant progress has been made in restoring county systems, with services like water bill payments and email systems back online, although challenges remain with property tax payments and phone lines.

These takeaways provide a comprehensive understanding of the current situation in Fulton County following the ransomware attack and its ongoing impact on government operations.

Full Article