+1 607 252-6647 Email Questions

Atlanta spent at least $2.6 million on ransomware recovery

  • Published in News
  • Hits: 230
atlanta-ransomware-attack.jpgThe city of Atlanta, Georgia. (Image: file photo)

Atlanta spent more than $2.6 million on recovery efforts stemming from a ransomware attack, which crippled a sizable part of the city's online services.

The city was hit by the notorious SamSam ransomware[1], which exploits a deserialization vulnerability[2] in Java-based servers. The ransom was set at around $55,000 worth of bitcoin, a digital cryptocurrency that in recent weeks has wildy fluctated in price.

But it's understood that the ransom was never paid -- because the portal used to pay the ransom (even if the city wanted to) was pulled offline[3] by the ransomware attacker.

According to newly published[4] emergency procurement figures, the city spent around fifty-times that amount in response to the cyberattack.

Between March 22 and April 2, the city spent $2,667,328 in incident response, recovery, and crisis management. (Hat tip to Ryan Naraine for tweeting out[5] the link.)

Among the costs, Atlanta spent $650,000 on hiring local security firm Secureworks for emergency incident repsonse services, and an additional $600,000 on advisory services from Ernst & Young for cyber incident response.

The city also spent $50,000 to hire Edelman, a public relations firm specializing in crisis response management -- in other words, trying to make things look less bad than they actually are.

It's not known if additional, unreported costs were involved in the ransomware clean-up.

When reached, a spokesperson for the city did not immediately respond to several questions we had. If that changes, we'll update.

Last month we reported that Atlanta narrowly missed out falling victim[6] to another cyberattack in 2016,

Read more from our friends at ZDNet

Contact us

By Mail

PO Box 5613

Katy, TX 77491

USA

Social: twitter facebook

Phone: +1 607 252-6647

Email: admin [AT] synapticweb [DOT] co