The 2018 Atlanta Government Ransomware Attack Analysis Essay

Introduction

The selected legal case of interest for the given analysis is the Atlanta Government Ransomware Attack of 2018. It is important to note that the case involves the Atlanta U.S. Attorney indicting and charging two Iranian hackers for the ransomware attack on the City of Atlanta. The victim of the attack was Atlanta’s municipal government. The specific typology or category of the cyberattack was ransomware. One should be aware that ransomware is a form of malicious program. It is designed to encrypt vital data to make the latter inaccessible, where an attacker can capitalize on the ability to decrypt the locked information. The legal case showed the poor enforcement of the cybersecurity laws by the municipal government bodies and the resulting unpreparedness of the city governance units to cyber threats.

Outlining the Case

Since Atlanta is an important economic and transportation hub, the attack was widely known. It was reported that “Atlanta U.S. Attorney charges Iranian nationals for City of Atlanta ransomware attack” (Department of Justice, 2018, para. 1). Therefore, the problem was that Atlanta’s municipal government did not adhere to the policy in regards to cybersecurity by not giving it a high enough priority, CERT’s failure to enforce the Law of Georgia on Information Security, Chapter III, Article 8, and the failure by the Department of Homeland Security to adhere to The Homeland Security Act of 2002 Sec. 223.

In 2018, Atlanta’s municipal government was attacked by ransomware from the Iranian hacker group named SamSam. The attackers demanded a ransom of $51000 in Bitcoin, which the city refused to pay. It is “estimated that the costs associated with the attack could reach as high as $17 million” (Sneed, 2019, para. 1). The ransomware affected the computers of 8000 government employees, which forced many digital services to be handled via pen and paper. For example, “the Atlanta Municipal Court has been unable to validate warrants. Police officers have been writing reports by hand. The city has stopped taking employment applications” (Blinder & Perlroth, 2018, para. 10). The key cause was the vulnerability of the city because the mayor stated that “shoring up the city’s digital defenses had not been a high priority before” (Blinder & Perlroth, 2018, para. 27). The impact was massive, which included not being able to pay water bills, traffic tickets, report potholes or graffiti, as well as the airport’s Wi-Fi.

Cybercrime Laws Violated

The Homeland Security Act of 2002

In addition to the state laws, specific federal laws mandate that the Department of Homeland Security enhance non-federal cybersecurity. The Homeland Security Act of 2002, Section 22, point (1)(A) states that it must “provide to State and local government entities, and upon request to private entities that own or operate critical information systems— (A) analysis and warnings related to threats to, and vulnerabilities of, critical information systems” (The Homeland Security Act, 2002, p. 22). In other words, it is the responsibility of the Department of Homeland Security to warn and analyze the preparedness levels of state and local governments. Since Atlanta’s municipal government failed to prioritize cybersecurity, it is partly the department’s fault for failing to adhere to Section 223 of the Homeland Security Act of 2002.

The Law of Georgia

The state of Georgia has a set of laws regarding cybersecurity. The Law of Georgia on Information Security, Chapter III, Article 8 states that CERT “shall be responsible for the enforcement of the provisions of this Law, in particular, the management of the incidents against information security in the cyberspace of Georgia, as well as other related activities aimed to coordinate information security that serves to eliminate priority cyber security threats” (The State of Georgia, 2021, p. 3). In other words, it must raise awareness about information security matters, coordinate cyber incident prevention measures, provide assistance and recommendations, and provide informational and educational support. Since Atlanta’s municipal government failed to ensure its cyber threat preparedness, a portion of the blame goes towards the failure of CERT to enforce these laws on the organization. Such incompetence resulted in massive financial and data losses.

The Role of Hacking

The Atlanta Government Ransomware Attack of 2018 is a case of a cyberattack through ransomware created by the Iranian hacker group SamSam. The role of hacking was that it had national implications because national cybersecurity laws, as well as state laws, were violated and not adhered to, which led to a weakened preparedness. The municipal government failed to realize the importance of cybersecurity, for which it, its citizens, and the city’s partners paid dearly in heavy financial and reputational losses.

Reflection

The case revealed how laws for cybersecurity are poorly enforced and implemented even on the governmental level. The mere fact that two foreign hackers could disrupt the entire city’s operations and governance processes indicated major security unpreparedness of critical units. Therefore, it is critical not only to devise laws in accordance with the pattern of modern threats, but enforce them on all levels as well.

Conclusion

In conclusion, the Atlanta Cyberattack of 2018 is the result of Atlanta’s municipal government failing to adhere to the state laws on cybersecurity, poorly enforced state laws on cybersecurity by the Computer Emergency Response Team of the Data Exchange Agency or CERT, and the failure of the Department of Homeland Security to pinpoint the government’s vulnerability through warnings. The event clearly demonstrates how cybersecurity is critical for national security because national laws have become violated. In addition, the impact of a citywide shutdown can lead to indirect costs for its partners from other regions, making the problem a national one.

References

Blinder, A., & Perlroth, N. (2018). A cyberattack hobbles Atlanta, and security experts shudder.The New York Times. Web.

CISA. (2021). Enabling distributed security in cyberspace. Web.

Department of Justice. (2018). Atlanta U.S. Attorney charges Iranian nationals for City of Atlanta ransomware attack. Web.

Sneed, A. (2019). What cities can learn from Atlanta’s cyberattack.Bloomberg CityLab. Web.

The Homeland Security Act, Publ. L. No. 107–296, 116 Stat. 2135 (2002). Web.

The State of Georgia. (2021). Law of Georgia on information security. Web.