ATLANTA — New reports from a Georgia-based cyber security firm says the city of Atlanta was first hacked a year ago in a fast-moving cyber attack that hit as many as 74 countries.
According to that report, a group that called itself the Shadow Brokers leaked the tools needed to create the ransomware connected to that April 2017 hack. The stolen tools, reportedly created by the National Security Agency, were called "Eternal Blue" and "Double Pulsar" and essentially were used to target how large computer systems shared files remotely. Thousands of computers nation-wide were infected.
Now, a leading cyber security firm says those tools were used to infect Atlanta's systems, in the 2017 hack. In a Twitter thread, Tuesday, Rendition Infosec wrote they scanned the entire Internet last year and found the City of Atlanta had five computers that had been hacked.
Almost a year later, Atlanta was hit with another cyber attack, this time by ransomware holding the city's systems hostage for a $51,000 fee.
11Alive's Ryan Kruger reached out to the mayor's office to try and confirm the reports by Rendition Infosec, but they said they are so backed up working with the current ransomware that they can't be sure if they were hacked a year ago. Because of that, it's unclear whether Atlanta fixed the problem after the hack a year ago. It's also unknown how the new hackers got in, so the two hacks may be unrelated.
RELATED
- Has Atlanta's chance to pay the digital ransom passed?
- 'Everyone who has done business' with city may be at risk
- Expert: Full recovery from cyber attack for Atlanta could take months
- Public deserves to know more about how Atlanta is battling cyberattack
- Atlanta works to move forward following cyberattack
- Expert: Full recovery from cyber attack for Atlanta could take months
- Atlanta cyberattack just one of thousands of hack attempts a year
