According to Channel 2 Action News that investigated the incident, the ransomware attack on the City of Atlanta cost it at least $2.7 million.
In the last weeks, I wrote about a massive ransomware attack against computer systems in the City of Atlanta.
The ransomware infection has caused the interruption of several city’s online services, including “various internal and customer-facing applications” used to pay bills or access court-related information.
Investigators believe that hackers initially compromised a vulnerable server, then the ransomware began spreading to desktop computers throughout the City network. Crooks demanded a payment of 6 Bitcoin, around $51,000 at the current rate,
New Atlanta Chief Operating Officer Richard Cox said that several departments have been affected.
No critical infrastructure and services seem to be affected, the departments responsible for public safety, water, and airport services are operating as normal, however.
How much cost this attack on the City of Atlanta?
According to Channel 2 Action News that investigated the incident, the ransomware attack cost the city at least $2.7 million.
“They were probably not as protected as we probably thought they were,” Georgia State University cybersecurity researcher Don Hunt said.
Channel 2 investigative reporter Aaron Diamant obtained new records that allowed the media outlet to estimate the overall cost of the attack.
Coming up at 5…with few specifics from City of Atlanta leaders, the clues we found of the growing cost to taxpayers from last months crippling cyberattack on city networks. @wsbtvstorm pic.twitter.com/vRP434exiC
— Aaron Diamant (@AaronDiamantWSB) April 11, 2018
The $2.7 million cost includes eight emergency contracts that were signed just after the malware compromised the city networks.
“They’ve got some really big players on the team there, and they’re spending a lot of money, so the depth of the problems that they had are probably enormous,” Hunt said.
The leaders of the City of Atlanta signed a $650,000 contract with cybersecurity firm SecureWorks that was involved in the incident response.
Accessing the records the journalist discovered that the leaders signed other contracts as reported in the above image, a $600,000 contract with management consultant Ernst and Young for advisory services and another $730,000 to Firsoft.
“That’s absolutely construction work. What they’re looking to do is not revamping the system, they’re starting from scratch and going from the ground up again,” Hunt added.
“You’re talking about the possibility of privacy being violated. It could be an indicator that you’ve got a deeper problem inside or potentially a deeper problem that you want to get ahead of right away,”
(Security Affairs – City of Atlanta, ransomware)