Content, Americas, Breach, Channel markets, Ransomware, Vertical markets

Atlanta Ransomware Attack Recovery Costs Skyrocket


Atlanta needs to find another $9.5 million to recover from a March 2018 ransomware attack, city officials estimated Wednesday. Moreover, the number of applications and government services impacted by the attack -- including police department and court system applications -- is far larger than earlier reports indicated.

The initial cleanup and recovery costs as of April 2018 were $2.7 million. Two Top 100 MSSPs — namely, Secureworks and EY — have been heavily involved in the recovery processes.

Atlanta Deputy CIO Daphne Rackley

At this point, some pundits believe the Atlanta ransomware attack could be the "the worst cyber assault on any U.S. city," according to Reuters, According to the Reuters report:

  • More than a third of the 424 software programs used by the city have been thrown offline or partially disabled in the incident
  • Nearly 30 percent of the affected applications are considered “mission critical,” affecting core city services, including police and courts.
  • A city legal office lost 71 of 77 computers as well as a decade of legal documents.
  • Atlanta's police department has permanently lost dash-cam recordings, though the amount of data lost was not disclosed.

Atlanta's IT department is expected to seek $9.5 million in additional funding to rebuild applications and services destroyed by the ransomware attack. That's over-and-above the $35 million that the IT department was expected to request in its annual budget.

Atlanta’s 2019 budget process was delayed in May 2018 as Mayor  Keisha Lance Bottoms and her office worked to pinpoint the ransomware attack's overall impact. Bottoms was due to make her first budget pitch no later than the first Atlanta city council meeting in May in advance of the fiscal year beginning July 1.

Atlanta Mayor Keisha Lance Bottoms

Fast forward to present day, and city officials say Atlanta is still in the "response phase" -- and has yet to fully move into the recovery phase, according to Reuters.

Multiple U.S. municipalities have faced cyberattacks in recent months. Among the examples:

MSSPs Fighting Ransomware

Fortunately, MSSPs can help organizations plan ahead for cyberattacks and ensure they know what to do if ransomware, malware or other cyber threats penetrate their infrastructure.

Furthermore, artificial intelligence-based threat protection solutions firm Cylance indicated there are many tried-and-true best practices that MSSPs can recommend to help organizations safeguard their data, networks and systems against cyberattacks. These best practices include:

  • Limit remote access.
  • Manage user access and permissions within an IT environment.
  • Teach employees about social engineering, phishing and other cyberattacks.
  • Update hardware and software regularly.

MSSPs also can provide organizations with valuable cybersecurity resources. By doing so, MSSPs can help organizations keep pace with rapidly evolving cyber threats and stop cyberattacks before they escalate.

Additional reporting by Dan Kobialka.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.