On March 22nd, The City of Atlanta suffered a massive ransomware attack that led to a $52,000 ransom demand and unfortunately, they have yet to find a resolution - or an end to the millions of dollars they’ve already spent during the recovery process. As of now, the City of Atlanta has paid nearly $3 Million in contracts (and counting). It is unconfirmed whether or not they paid the ransom.
While the precise details are still few and far between, it was confirmed that SecureWorks is being paid $650,000 emergency incident response services. Following that, Ernst & Young is being paid $600,000 for advisory services for cyber incident response. Based on what has been reported, the total for all contracts is roughly $2.7 million, not including the eventual costs due to lost staff productivity or law firm billing.
The ransomware that hit the attack was SamSam ransomware - a malware linked to a group known as Gold Lowell - an unusually operated attacker. Unlike most criminal attackers, Gold Lowell is known to invade the victim network prior to encrypting any of their files. In this case, they had already been in the network and compromised their backups since they didn’t have the proper backup capabilities.
It’s said that the City of Atlanta had knowingly ignored many vulnerabilities that were present in their networks. While their decisions are being questioned since they chose to spend nearly $3 million instead of paying the $52,000 ransom, it appears that they are putting in a concerted effort to putting together a strong cybersecurity protection plan.
The biggest lesson here is that the money spent should have been put towards preventing the ransomware attack, rather than recovering from it. It is common for the recovery expenses to greatly outweigh the original ransom cost, which is why it is crucial to have a proper disaster recovery plan in place. By having the proper, protected backups and solutions, you could stay on the defensive side of ransomware protection.
If your business is lacking efficient backup solutions, download your free trial of reevert now. reevert is ransomware resistant and an easy-to-use, cost-effective solution for any business.
For a hassle free 30 day trial, click the "Free Trial" button, download and deploy a copy of the appliance. No Credit Card required.