Atlanta spent more than $2.6 million on recovery efforts stemming from a ransomware attack, which crippled a sizable part of the city’s online services. The city was hit by the notorious SamSam ransomware, which exploits a deserialization vulnerability in Java-based servers. The ransom was set at around $55,000 worth of bitcoin, but it’s understood that the ransom was never paid — because the portal used to pay the ransom (even if the city wanted to) was pulled offline by the ransomware attacker.
According to newly published emergency procurement figures, the city spent around 50 times that amount in response to the cyberattack. Between March 22 and April 2, the city spent $2,667,328 in incident response, recovery, and crisis management. Among the costs, Atlanta spent $650,000 on hiring local security firm Secureworks for emergency incident response services, and an additional $600,000 on advisory services from Ernst & Young for cyber incident response.
Read more about the ransomware recovery costs for the city of Atlanta on ZDNet.