The City of Atlanta’s Ransomware Attack Costs Keep Growing
On March 22nd, PC Pitstop shared the story of the SamSam ransomware attack that took down the City of Atlanta. It took almost a week, before the city’s offices were able to turn on their computers, and now, almost three months later, the infection is still interrupting various systems. The city chose not to pay the $51,000 ransom demand. Alternatively, choosing to try to restore the systems on their own. This has resulted in years of police dash-cam footage being lost, and astronomical costs. According to city officials, the total costs to restore the systems will likely reach close to $10 million. Therefore, officials have requested an additional $9.5M to their annual budget of $35M to fully remediate their systems. According to Software Testing News, law enforcement is still not able to use some of its databases, and the city’s water department is unable to take any form of payments.
At this time, there is not an estimated timeframe for complete remediation. The city has continued to state it would be inappropriate to speculate on when the matter will be fixed. However, they have reported to working around-the-clock to fix all systems and are certainly committed to resolving all issues.
One piece of information that seems to be missing from each report, including ours, is the security solution vendor the city was using. If anyone has read an article citing this information or is willing to share a credible source with us including that information, we would sincerely appreciate it.
Effective Prevention
Preventing attacks such as these is indeed possible. Here are five top things businesses should implement to effectively prevent ransomware attacks:
- Implement a default deny approach, also known as application whitelisting
- Ensure timely updates of third-party applications and operating systems
- Review user admin rights, and remove unnecessary authorization
- Implement employee cyber security training
- Use multi-layer authentication