Last January in Georgia, Fulton County Chairman Rob Pitts found himself staring down criminals he couldn't see. The county was subject to a ransomware attackThe effects were widespread.
“Everything. The things you take for granted. Going to the library and checking out a book – can't do that. Getting a marriage license, checking your taxes – can't do that,” Pitts said, adding that Felt that he was “held hostage.”
Ransomware criminals are in the business of extortion – they hack an organization's network, lock out the data, and demand ransom for the keys. Last year, ransomware hackers walked away with a record $1 billion, and according to cybersecurity company Coveware, the number of organizations paying has dropped from 80% to just 30%.
When a ransomware attack hit Fulton County, the risk could not have been greater. Five months ago, former President Donald Trump and 18 others were charged There, allegedly in connection with an attempt to overturn the 2020 election. The hackers claimed to have secret documents related to the case and threatened to make them public.
They were asking for “several millions of dollars,” Pitts said.
Brian Vorndran, assistant director of the FBI's cyber division, says the agency “does not encourage organizations to pay the ransom”, but understands that non-payment can have “significant impacts” on a business or organization.
“The FBI generally does not get involved in negotiations with ransomware actors,” Vorndron said.
A major Russia-based ransomware syndicate was summoned lockbit Claimed responsibility for the attack in Fulton County. Four months later, federal authorities indicted the group's alleged leader, Dmitry Khorashev, who they say was known online by the name “Lockbitsupp.”
CBS News scoured hacker chat rooms online until “LockBitsapp” finally responded. He seemed concerned about the FBI and said they had the wrong man. He claimed to be “apolitical” and boasted that he was a wolf who “devours the weakest.”
“He's a formidable opponent, okay?” Vorndran said. “But we also have really good people in the FBI, and that's how we've been able to get close to him.”
lockbit Escalated his threats in Fulton County for weeks.
“Deadline number one came and passed. Get another call. Deadline number two passed,” Pitts said.
But Pitts followed the FBI's advice and refused to pay the ransom.
Pitts said, “This is taxpayers' money, and we certainly won't be arbitrarily dealing with our taxpayers' money.”
The hackers are out and Fulton County gets its network back together, but Pitts knows it was a risky move.
“These aren't high school kids playing on laptops in their basements. It's not like that. This is big, big business,” Pitts said.
When asked if it could happen again in Fulton County, he said it absolutely could.
It was a roll of the dice that paid off – for now.
