Channel 2 Action News reported that the City of Atlanta was hit by a massive ransomware attack which cost at least $2.7 million.
The recent infection has caused the interruption of several city’s online services. Among these were “various internal and customer-facing applications” used for paying bills or accessing court-related information.
According to the investigators, the attackers compromised a vulnerable server first, and then the ransomware began spreading to desktop computers throughout the whole network of Altanta.
The ransom demanded by hackers was a payment of 6 Bitcoin, which is approximately $51,000.
The Chief Operating Officer of Atlanta, Richard Cox, announced that the malware affected several city departments, however, the departments responsible for public safety, water, and airport services are operating as usual.
The incident was investigated by the Channel 2 Action News who reported that the ransomware attack cost the city approximately $2.7 million.
“They were probably not as protected as we probably thought they were,” the researcher at Georgia State University, Don Hunt, stated.
The investigative reporter at Channel 2, Aaron Diamant, obtained new records allowing the media outlet to estimate the overall cost of the ransomware attack.
According to the records, the $2.7 million cost includes eight emergency contracts which were signed right after the city networks was compromised by the malware attack.
“They’ve got some really big players on the team there, and they’re spending a lot of money, so the depth of the problems that they had are probably enormous,” Don Hunt explained.
The City of Atlanta leaders signed a $650,000 contract with the cybersecurity firm SecureWorks that was involved in the incident response.
The investigative journalist found that the leaders have also signed a few other contracts, among which a $600,000 contract with the management consultant Ernst and Young for advisory services and another $730,000 contract to Firsoft.
“That’s absolutely construction work. What they’re looking to do is not revamping the system, they’re starting from scratch and going from the ground up again,” Hunt said.
“You’re talking about the possibility of privacy being violated. It could be an indicator that you’ve got a deeper problem inside or potentially a deeper problem that you want to get ahead of right away.”
