In the early hours of Aug 19, the government offices of Coweta County, Georgia sustained a sweeping ransomware attack. From vehicle tagging system to public safety networks, nearly every government service got affected by the cryptovirological activity.
The ransomware operators demanded 50 Bitcoins for ransomware removal. However, the state fittingly refused to pay more than 300,000 dollars (the equivalent of 50 Bitcoins) as extortion money to criminals. Soon after the attack, the local administration commenced its own ransomware removal measures. It took nearly 10 days for the security experts to disinfect the majority of government servers from the ransomware strain. It is important to note the strain didn’t affect the personal workstations and external sites of the county. Nevertheless, the digital security team shut down all the servers to prevent the spread of ransomware.
Ransomware removal teams are still working to disinfect public computer stations at local libraries. According to the county’s spokesperson, the effect of the ransomware attack was considerably toned down because of the recent data backup protocols adopted by the IT department of the county.
Second ransomware attack on local government in Georgia
This is the second ransomware attack on local government in the state of Georgia. In March, Atlanta’s municipal system was attacked by a ransomware strain. The city government has spent over 10 million dollars for ransomware removal, recovery and restoration measures. This year, in general, has seen a rise in ransomware attacks on entities working in the public domain.
The takeaway
As mentioned earlier, the implementation of effective backup protocols saved Coweta County from a big ransomware calamity. It has been discussed several times that maintenance of backups is an effective way to mitigate the destruction of cryptovirological activity. The combination of backup protocol and ransomware removal expertise can protect any enterprise from ransomware attacks to a great extent.
