Ransomware Incident Awareness – Timeline of Events in Fulton County Incident and Main Takeaways for Utilities

Fulton County, the largest county in Georgia, is still recovering from its January cyber incident. LockBit, the ransomware gang that took credit for the attack, posted a timer on its criminal website demanding payment – all this despite having its criminal infrastructure disrupted by the FBI in late February. LockBit then removed the county from its site and Fulton County “called their bluff” publicly stating they made no payment to the criminals.

This highlights two important takeaways – the extent to which cyber incidents affect critical infrastructure such as municipalities and utilities, and how criminal ransomware gangs often bluff their way to receiving payment. More than a month later, county officials are still working to restore downed phone lines and online systems. County chairman Robb Pitts stated that its online systems for paying water bills has been restored, but not for property tax payments. County email systems are back online, although only half of the phone lines in county offices are working. For more information regarding the Fulton County incident, access Security Week.