The SamSam ransomware attack on the city of Atlanta in March is probably one of the most expensive security incidents, with the recovery cost adding up to some $17 million of taxpayers’ money, according to a seven-page “confidential and privileged” report accessed by The Atlanta Constitution-Journal and Channel 2 Action News. City officials had already secured $6 million for the recovery project, while initial forecasts said it would cost about $3 million. Now, it seems, the project will cost an extra $11 million.
After years of repeated warnings from the city’s auditor about its security vulnerabilities and lack of disaster recovery plans, the city of Atlanta didn’t invest much effort in upgrading infrastructure security.
According to an internal audit released in January, “monthly vulnerability scan results indicated the presence of 1,500-2,000 severe vulnerabilities in the scanned population, with a history that went back over a year with no evidence of mitigation of the underlying issues.”
After refusing to pay a $51,000 ransom in bitcoin following the breach, the city is now looking at a very expensive outlay that involves paying for improved security services, software upgrades, as well as purchasing new desktops, laptops, smart phones and tablets.
“We are pleased with the progress of the recovery efforts. In addition to responding to the criminal attack against the City of Atlanta, we are using this opportunity to make the City more secure,” said a spokesperson for AJC. “Unfortunately, in today’s world, governments are seeing an increase in cyberattacks… As you already know, the City is insured against cyber-attack. We continue to work through that process for the most cost-effective outcome for our residents.”
When the Department of Transportation in Colorado was hit by ransomware, by comparison, the estimated recovery cost was $2 million.