ATLANTA — It's now the fifth day of the hack attack on the City of Atlanta, and Atlanta Mayor Keisha Lance-Bottoms stressed that personal data has yet to be compromised following the cyber attack on the city.
The city is keeping quiet on the details of the attack and whether they're going to pay the ransom, however, in a press conference Monday afternoon, city officials did say they are working with private and public partners to hopefully set the "hostage" free.
- Atlanta works to move forward following cyber attack
- Cyberattack hits Atlanta computers | 'Everyone who has done business' with city
- What to know about the City of Atlanta cyberattack
- What to do after a data breach or cyberattack
The City said it has partnered with an experienced company called Secureworks. Andy Green is a security expert at Kennesaw State University, and called the company a "known player with a solid reputation."
Green believes the company is a good choice for Atlanta.
"If they brought secure works on board to help them with their incident response, that's a promising sign because they've chosen a solid player to help them with that," Green told 11Alive.
The city has not revealed how much the contract with the security company cost, but Green speculates it's probably more than the ransom of $51,000.
11Alive's Ron Jones asked Green how long it could take for Secureworks to "free" the city from the ransomware; he said it all depends on the amount of computers, laptops and servers locked down by the cyber criminals. A full recovery, Green said, could possibly take weeks or months to get back to normal.
However, city officials are also not sharing a timeline for that either.
"We do have to be careful as we speak about timelines," Mayor Lance Bottoms said. "I can tell you that we are working around the clock ans continue to ask the public to be patient."
Green also said even if Atlanta's systems are freed, they still run the risk of being shut down again by the cyber criminals. He said it's best to hire a company like Secureworks to do a deep-dive on the systems to find out where the breach happened and how to keep it from happening again.