Before the US House Subcommittee on Cybersecurity, Infrastructure Protection, and Innovation, Atlanta Mayor Keisha Lance Bottoms gave her remarks on Tuesday, during a hearing titled “Cybersecurity Challenges for State and Local Governments: Assessing How the Federal Government Can Help.”
“My name is Keisha Lance Bottoms and I am the Mayor of Atlanta, Georgia, the cradle of the Civil Rights Movement and the anchor of the 10th largest economy in the United States,” Bottoms said. “I want to thank Chairman Bennie Thompson and Subcommittee Chairman Cedric Richmond for inviting me today to testify at this important hearing. I am honored to be here.”
Bottoms took the opportunity to give recommendations regarding cybersecurity, citing how the subcommittee should aid the promotion of agencies to develop stronger relationships with state and local governments through:
- Expanding programs in the federal government that share real-time threat information, which is often critical in avoiding and mitigating threats.
- Implementing federal programs to provide cybersecurity disaster-relief funding; offsetting recovery costs.
- Ensuring the safety and security of the electoral process, as city and state governments administer the elections that are the foundation of our democracy.
“With the support and assistance of partners such as the Department of Homeland Security — and this distinguished Committee — all our cities, and our country, can be safer by being better prepared,” Bottoms said.
During her testimony, Bottoms referred to the March 2018 ransomware attack that impacted the City of Atlanta, as a primary example of how different government entities can collaborate to eliminate threats.
“In the early morning hours of March 22, 2018, Atlanta’s government experienced a ransomware cyberattack which impacted our operations and our ability to provide services to our residents and visitors,” Bottoms said. “To paint a broader picture of the confusion of that day, the City of Atlanta has nearly 9,000 employees. Many rely on technology to do their jobs and keep the City running.”
Bottoms described to the lawmakers how while emergency services, and the City’s water supply, were not affected, the Atlanta Municipal Court was forced to cancel and reschedule hearings, the City’s customer-services interface was knocked offline, and other city services suffered.
“As that first day unfolded, it became clear to us that criminals had attacked the City’s computer systems,” Bottoms said.
Bottoms also said it took an outside security firm to uncovered that the attackers were two Iranians who were demanding a ransom of $51,000 Bitcoins to release the system.
The City refused to pay, and in November, the attackers were charged by federal authorities with breaching computer networks of local governments, health care systems, and other public services.
Bottom said that to date, the ransomware attack cost the City nearly $7.2 million, and still climbing, for recovery. However, some of the costs were covered under the City’s cyber-insurance policies.
“Digital extortion is now a common occurrence affecting many organizations in the public and private sectors, even hospitals,” Bottom said. “With cyber threats becoming more hostile and frequent, organizations must understand how to protect themselves against attacks when they do occur.
“The good news is that the City of Atlanta is rebounding from this attack and sharing its experience with other cities,” she continued before closing. “We are advising them to understand the business-continuity measures they need to have in place. And to do it now.”