Atlanta needs to find another $9.5 million to recover from a March 2018 ransomware attack, city officials estimated Wednesday. Moreover, the number of applications and government services impacted by the attack -- including police department and court system applications -- is far larger than earlier reports indicated.
The initial cleanup and recovery costs as of April 2018 were $2.7 million. Two Top 100 MSSPs — namely, Secureworks and EY — have been heavily involved in the recovery processes.
At this point, some pundits believe the Atlanta ransomware attack could be the "the worst cyber assault on any U.S. city," according to Reuters, According to the Reuters report:
- More than a third of the 424 software programs used by the city have been thrown offline or partially disabled in the incident
- Nearly 30 percent of the affected applications are considered “mission critical,” affecting core city services, including police and courts.
- A city legal office lost 71 of 77 computers as well as a decade of legal documents.
- Atlanta's police department has permanently lost dash-cam recordings, though the amount of data lost was not disclosed.
Atlanta's IT department is expected to seek $9.5 million in additional funding to rebuild applications and services destroyed by the ransomware attack. That's over-and-above the $35 million that the IT department was expected to request in its annual budget.
Atlanta’s 2019 budget process was delayed in May 2018 as Mayor Keisha Lance Bottoms and her office worked to pinpoint the ransomware attack's overall impact. Bottoms was due to make her first budget pitch no later than the first Atlanta city council meeting in May in advance of the fiscal year beginning July 1.
Fast forward to present day, and city officials say Atlanta is still in the "response phase" -- and has yet to fully move into the recovery phase, according to Reuters.
Multiple U.S. municipalities have faced cyberattacks in recent months. Among the examples:
- Three Rhode Island state departments were impacted by malware, discovered on May 31, but the state's chief information officer said no data was compromised, according to Government Technology.
- North Carolina’s Mecklenburg County experienced multiple cyberattacks in December 2017.
MSSPs Fighting Ransomware
Fortunately, MSSPs can help organizations plan ahead for cyberattacks and ensure they know what to do if ransomware, malware or other cyber threats penetrate their infrastructure.
Furthermore, artificial intelligence-based threat protection solutions firm Cylance indicated there are many tried-and-true best practices that MSSPs can recommend to help organizations safeguard their data, networks and systems against cyberattacks. These best practices include:
- Limit remote access.
- Manage user access and permissions within an IT environment.
- Teach employees about social engineering, phishing and other cyberattacks.
- Update hardware and software regularly.
MSSPs also can provide organizations with valuable cybersecurity resources. By doing so, MSSPs can help organizations keep pace with rapidly evolving cyber threats and stop cyberattacks before they escalate.
Additional reporting by Dan Kobialka.
