Fulton County says a ransomware attack could happen again. Here’s what they’re doing to protect you.

Fulton County is still working to get all of its systems back online months after a cyberattack crippled them.

Channel 2 Investigative Reporter Sophia Choi sat down exclusively with Fulton County Commission Chairman Robb Pitts about how the county is making sure this doesn’t happen again.

[DOWNLOAD: Free WSB-TV News app for alerts as news breaks]

The county says that it is updating its systems to help prevent hacks in the future.

“We’re not of the woods yet,” Pitts said.

Right now, the threat of personal information being revealed is still a possibility. The county still does not know how the hackers got in.

Nearly two months after hacker group Lockbit took credit for the attack, most of the county’s systems are back online.

But the judicial system is still struggling to get all of its online functions back, which has created a 30-to-45-day backlog of cases.

“We still have some issues with our justice department, but we have some workarounds in place so that the public did not notice any major disruptions,” Pitts described.

Twice Lockbit threatened to release stolen information, but both times their deadline came and went with no repercussions and the county never paid their ransom.

“I think we’ll spend from 10 to 15 million on bringing our system back. We’ve also committed 10 million to move all of our internal enterprise system to the cloud,” Fulton County Manager Dick Anderson said.


After a 2018 ransomware attack in Atlanta, Fulton County spent $18 million to harden its own system, but that didn’t stop hackers earlier this year.

“The reality is, as we grow and learn, so do the crooks. They grow and learn so it’s almost like a competition,” Pitts said.

After the attack on Fulton County, law enforcement in Europe and the U.S. disrupted Lockbit’s operations by seizing its systems and arresting two people.

Within weeks, they were back on the dark web and listed Fulton County as one of its victims.

Now, the county is pushing everything to the cloud in an effort to ward off further attacks, something they admit they should have done earlier.

“I think the honest answer is yes. If we had moved quicker to the cloud, it may have prevented some of this disruption,” Anderson said.

Right now, the county does not believe anyone’s information was actually compromised.

[SIGN UP: WSB-TV Daily Headlines Newsletter]