What happens when a city comes under ransomware attack

Top officials in Atlanta, Georgia are still trying to recover nearly two weeks after being hit by “one of the most devastating ‘ransomware’ virus attacks” on a US city, says Reuters.

At least five of the city’s 13 departments were hit, forcing some services to switch to paper records while others were knocked out entirely. The hackers, who demanded $51,000 (£36,200) in bitcoin, “successfully crippled several critical systems across the city”, says Forbes.

Residents have been unable to pay bills electronically and almost all court hearings during the first week of the attack had to be postponed.

“It’s extraordinarily frustrating,” councillor Howard Shook, whose office lost 16 years of digital records, told Reuters. 

Atlanta hasn’t commented on the details of the attack, but a city auditor office’s report from January revealed it failed a security compliance assessment.

However, Atlanta isn’t alone in its lack of preparedness.

So how did this happen and could the UK be attacked?

What is ransomware?

Ransomware are computer viruses that take over other people’s devices, often with the threat to delete files unless a payment is made. Typically it gets into a device by exploiting vulnerable software or tricking a person into installing it.

Security experts call ransomware the “fastest growing form of computer virus”, the BBC reports.

Could this happen in the UK?

The UK has already suffered and experts warn it could easily happen again.

Last May, Britain was one of the more than 150 countries affected by the WannaCry ransomware attack. The virus encrypted data on infected computers and demanded a ransom of around £230. At least 6,900 NHS appointments were cancelled because the systems closed down. A government report said the NHS had been particularly vulnerable because it had not followed cyber-security recommendations.

“NHS England said no patient data had been compromised or stolen and praised the staff response,” the BBC reported.

In January, Ciaran Martin, head of the UK’s National Cyber Security Centre, told The Guardian a major attack was imminent and that it was a matter of “when, not if”.

He added that the UK was extremely lucky to have avoided a category one attack – one “that might cripple infrastructure” – when it had already impacted other western nations such as the US and France.

Saying he expected an attack to take place sometime within the next two years, Martin said there was no cast-iron method of protection.

“Some attacks will get through,” he said. “What you need to do [at that point] is cauterise the damage.”

How can I protect my data from ransomware?

Some of the best defence methods are to have strong security measures, such as updating anti-virus software and passwords that are difficult to crack.