USA – GEORGIA Trends and Developments Contributed by: Rose J Hunter Jones and Meredith Perlman, Hilgers Graben PLLC
to minors. Such entities must implement rea - sonable age verification processes for access to content classified as harmful under the law. Failure to comply exposes entities to penalties, including fines and liability for damages. With these measures, the Act seeks to balance advancing technology with the imperative to protect Georgia’s youth from the risks associ - ated with unsupervised social media use, includ - ing exposure to harmful content and threats to privacy. Cybersecurity incidents: key takeaways from 2024 The cybersecurity incidents of 2024 highlighted three critical themes. • The pressing need for robust and proactive cybersecurity measures to protect sensitive data and ensure operational resilience. • The importance of securing third-party solu - tions, as vulnerabilities in external systems can have far-reaching consequences for organisations. • The persisting and evolving threats to elec - tion security, highlighting the necessity of safeguarding democratic processes against cyber-attacks. Fulton County ransomware attack In late January 2024, the largest county in Geor - gia, Fulton County, fell victim to a ransomware attack on government services, impacting 100,000 accounts. LockBit, a Russian-speaking ransomware syndicate, claimed responsibility for the attack that led to the shutdown of criti - cal government services, such as issuing vehicle registrations and marriage licences, processing jail detainees, and even shutting down phone lines. LockBit threatened to release sensitive personal identifying information from residents
and materials related to Fulton County’s pend - ing criminal case against Donald Trump unless a ransom payment was made by 29 January 2024. This attack brought government operations to a halt. County officials were unable to answer phones. Residents could not access property records or court filings. Background checks could not be run using court records. Court operations were severely disrupted. LockBit claimed to possess sealed court records and released about two dozen files, including records related to a child abuse case, a sealed motion in a murder trial, and the identifies of the jurors serving on a high-profile racketeering case. The release of such sensitive data posed a grave risk to the integrity of Fulton County’s criminal justice system. On 19 February 2024, an international law enforcement consortium, including the FBI and the United Kingdom’s National Crime Agency (NCA) thwarted the attack by seizing LockBit’s servers, effectively disrupting LockBit’s opera - tions. LockBit continued to make threats to release data on the dark web but the 29 Janu - ary and then a later 29 February deadline for the ransom passed with no payment made and no data released. Fulton County refused to pay the ransom, citing taxpayer interests, and officials believe LockBit lost access to the stolen data after the server seizure. County services were restored on a rolling basis in a process that took nearly two months. Dur - ing this time, Georgia’s Secretary of State Office limited Fulton County’s access to the state voter registration system to safeguard against poten - tial attacks on election infrastructure. Fulton County has since partnered with cybersecurity experts to secure its systems, remove malware
554 CHAMBERS.COM
Powered by FlippingBook