The City of Atlanta has spent roughly $2.7 million so far dealing with the recent ransomware attack that affected multiple systems and devices. This amount was reported by the city’s Department of Procurement for eight emergency contracts to various firms related to incident response and cyber forensics dealing with the attack. The $2.7 million is just the direct IT spend – it doesn’t include the City’s costs to reschedule court dates, missed or delayed revenue from water bills, higher costs for the police force writing paper tickets, etc… As with any cyberattack, the total impact reaches far beyond just the ransom or response costs.
Unfortunately, most of the $2.7 million could have been saved if the City had a better IT security posture. The attack was related to an old, un-patched computer on the network which propagated the attack. It took too long to detect the ransomware, and then they lacked sufficient protocol to respond quickly and thoroughly. As a result, the attack crippled the City’s infrastructure and will have a lingering impact on their IT capabilities and the taxpayers that will ultimately have to fund the $2.7 million recovery and the upgrades to the City’s IT infrastructure and cyber security improvements. That’s a significant hit for a city as large as Atlanta, but even more impactful for smaller cities and local governments across the country who already operate on overstretched budgets.
With the proliferation (and profitability) of cyberattacks, cities and companies need to realize that a cyberattack is not a question of “If,” but a matter of “When.” You need to be prepared with a layered approach to IT security – to defend your network and users, monitor and detect when a bad actor has breached the defenses, and react quickly to contain and mitigate the attack. Yes, it takes ongoing expense and time, but it ultimately yields significant savings, not only in dollars, but in reputation and brand value.