Latest in Gear

Image credit:

Atlanta spends more than $2 million to recover from ransomware attack

Affected services are still down.
Share
Tweet
Share

Sponsored Links

SeanPavonePhoto via Getty Images

Last month, Atlanta's city government was hit with a ransomware attack that caused courthouse documents and services like payment processing to become inaccessible. The ransom demand was approximately $51,000 but according to the city's Department of Procurement, Atlanta has spent much more than that on efforts to rectify the situation. It appears that firms Secureworks and Ernst & Young were paid $650,000 and $600,000, respectively, for emergency services while Edelman was paid $50,000 for crisis communication services. Overall, the funds seemingly applied to the ransomware attack response add up to approximately $2.7 million.

It's unclear whether Atlanta paid or tried to pay the ransom, but evidence suggests city officials didn't attempt to or were unsuccessful. The affected services are still not fully up and running and ahead of the ransom deadline, the attackers took down the communication portal that would have been used to pay the fee.

The question of whether to pay a ransom or not isn't always an easy one to answer. Agencies like the FBI typically discourage paying these types of ransoms, with one reason being it might encourage attackers to keep doing what they're doing. But not everyone agrees with that reasoning. "Refusing to pay a ransom is unlikely to demotivate cybercriminals from conducting further attacks, as they will always find someone else to pay," Ilia Kolochenko, CEO of cybersecurity firm High-Tech Bridge, told SecurityWeek.

But another city's chief information security officer told SecurityWeek that there are other reasons not to pay up. "Unless paying the ransom provided details of how they were breached, what would it really get them?" he said. "Firstly, they don't know if they would actually get the decrypt keys. Secondly, they don't know if they would simply get hit again. And thirdly, it would only encourage more of the same kind of action." Relatedly, Secureworks has said that some groups hit with this same type of ransomware were asked to pay more after paying the initial amount. However, what's pretty clear is that Atlanta should have done more to protect its systems ahead of the attack. "The real lesson," said Kolochenko, "is for probably 10 to 20 percent of the cost of the emergency support, they could have brought in the same people to help with the same issues prior to the incident."

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

Samsung, Stanford make a 10,000PPI display that could lead to 'flawless' VR

Samsung, Stanford make a 10,000PPI display that could lead to 'flawless' VR

View
Xbox Series X and Series S walkthrough is a day-one primer

Xbox Series X and Series S walkthrough is a day-one primer

View
Instagram changes nudity policy after controversy with Black, plus-size model

Instagram changes nudity policy after controversy with Black, plus-size model

View
Facebook will not ban Oculus owners with multiple VR headsets (updated)

Facebook will not ban Oculus owners with multiple VR headsets (updated)

View
Twitch faces music industry backlash over proper licensing (updated)

Twitch faces music industry backlash over proper licensing (updated)

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr