Augusta, GA
Augusta cyberattack Day 17: Expert tells us what city can’t
AUGUSTA, Ga. (WRDW/WAGT) – We’re in the third week after a cyberattack brought many city of Augusta computer systems to a crawl.
City officials say no ransom amount has been communicated to them – even though the BlackByte hacker group posted an online demand of up to $400,000. The hackers also posted a lot of data they say is proof that they broke in.
But even if city officials aren’t talking about it, a computer security expert is – giving us perhaps the best explanation so far of what’s happened to the city and what issues lie ahead.
MORE FROM NEWS 12:
The cyber expert says Augusta’s situation is nothing new, but nothing too pleasant either.
Regardless of if this issue was caused by the hacker group, BlackByte, who is claiming responsibility, or if Augusta were to pay any level of demands for information, Augusta Richmond County could be looking at a complete reboot to get back up to speed.
“I’m surprised that: for some reason, it hasn’t seemed like the city is forthcoming in terms of exactly what’s happening,” said Bob Nestor, South Augusta resident.
For Nestor, it was a slight inconvenience to get his tags renewed before he left for a family trip to Washington, D.C.
According to John Shier with Sophos, it could be a problem the city combs through for months.
Shier said: “First you’ve got to go in there and you’ve got to neutralize the attacker; figure out are they still in the network and cut off their access so that can be difficult, because as I previously alluded to, oftentimes if they’re stealing credentials to raise themselves to an administrator; they look like you, they’re actually using your accounts against you.”
Shier has been working in cyber for decades.
While he can’t verify if the documents BlackByte has released are official property of the city of Augusta, he can say the personal information the hackers have, including email addresses and Social Security numbers, is sensitive.
Moving forward, he describes the process the city of Augusta is taking to weed out the “unauthorized access” Augusta is facing, regardless of whether it’s from BlackByte or another intruder.
“There are files there, they appear to be government-type files where they include people’s addresses and social security numbers, and all sorts of other things that would be considered private information,” said Shier.
FULL INTERVIEW: John Shier, field chief technology officer for Sophos gives us more insight on Augusta’s cyberattack than just about anyone else has.
Shier says he took a screenshot of the 400,000 alleged ransom but says it could take millions to get back.
Nestor said: “It sounds like they’ve put a lot of resources towards it, but there doesn’t seem to be a lot of information that has come out so far.”
Shier tells us it could be months before we get back to normal.
The mayor of Augusta told News 12 on Wednesday that 100% of essential departments are now up and running with workarounds.
There will be another update to come on Friday, but still no near end in sight.
Regardless, the city could end up paying millions, like Atlanta previously has, to completely overcome this issue.
Copyright 2023 WRDW/WAGT. All rights reserved.