Atlanta’s Ransomware Bill: $17 Million

The March 22 “SamSam” ransomware outbreak left 8,000 city employees unable to use their PCs for several days and led to longer outages for residents who wanted to pay for parking tickets or report potholes online as the city’s IT team continued to grapple with the incident.

The Atlanta Journal-Constitution and Atlanta’s WSB-TV Channel 2 Action News last week reported that they obtained a seven-page document, marked “confidential and privileged,” that describes the most recent costs incurred by the city as it has continued to respond to the ransomware outbreak.

The city’s assessment says Atlanta has about $6 million in contract commitments as a result of the ransomware attack, and it faces up to $11 million more in additional costs, the news outlets report.

Of the $6 million in commitments, about $1.1 million has been budgeted for “new desktops, laptops, smartphones, and tablets,” while the rest is for “security services and software upgrades,” they report.

A city spokesman told the Atlanta Journal-Constitution that the city is taking the opportunity to overhaul its systems and noted that some of the ransomware attack costs will be covered by its cyber insurance policy.

“We are pleased with the progress of the recovery efforts. In addition to responding to the criminal attack against the city of Atlanta, we are using this opportunity to make the city more secure,” the spokesman said. “Unfortunately, in today’s world, governments are seeing an increase in cyber attacks. … As you already know, the city is insured against cyber attacks. We continue to work through that process for the most cost-effective outcome for our residents.”

The city had received a ransom demand worth $51,000 in bitcoins to unlock all affected systems, which it reportedly did not pay. Instead, the city used funds to clean up, new devices, and better security.

Original Article Found Here.