Georgia’s largest county is still repairing damage inflicted on its government a month ago by hackers who shut down office phone lines, left clerks unable to issue vehicle registrations or marriage licenses and threatened to publicly release sensitive data they claimed to have stolen unless officials paid ransom.
The ransomware syndicate LockBit took credit for the cyberattack in late January that temporarily crippled government services in Fulton County, which includes most of Atlanta. The group demanded payment, threatening to dump data online, including residents’ personal information. It also claimed to have stolen records related to the county’s pending criminal case against former President Donald Trump.
To boost the odds of getting paid, ransomware groups routinely steal data before activating network-encrypting malware. Some cybersecurity analysts questioned whether the Fulton County hackers actually possessed Trump-related files.
The hackers’ deadline passed Thursday, less than two weeks after law enforcement agencies in Europe and the U.S. announced they had disrupted LockBit’s operations, seized the group’s systems and arrested two people overseas.
Soon after the takedown, LockBit resurfaced on the dark web and renewed its threat against Fulton County. But no stolen data was released after the deadline lapsed, and county officials refused to pay.
“We are not aware of any data having been released today so far,” Fulton County Commission Chairman Robb Pitts told reporters Thursday afternoon. “That does not mean the threat is over by any means. And they could release whatever data they have at any time — today, tomorrow or sometime in the future.”
Pitts said county officials are still working to restore phone service and online systems still down more than a month later, though all county offices have reopened and resumed serving residents to at least some degree.
“We have not paid any ransom nor has any ransom been paid on our behalf,”…
Read the full article here
