In the last weeks, I wrote about a massive ransomware attack against computer systems in the City of Atlanta.
The ransomware infection has caused the interruption of several city’s online services, including “various internal and customer-facing applications” used to pay bills or access court-related information.
Investigators believe that hackers initially compromised a vulnerable server, then the ransomware began spreading to desktop computers throughout the City network. Crooks demanded a payment of 6 Bitcoin, around $51,000 at the current rate,
New Atlanta Chief Operating Officer Richard Cox said that several departments have been affected.
No critical infrastructure and services seem to be affected, the departments responsible for public safety, water, and airport services are operating as normal, however.
How much cost this attack on the City of Atlanta?
According to Channel 2 Action News that investigated the incident, the ransomware attack cost the city at least $2.7 million.
“They were probably not as protected as we probably thought they were,” Georgia State University cybersecurity researcher Don Hunt said.
Channel 2 investigative reporter Aaron Diamant obtained new records that allowed the media outlet to estimate the overall cost of the attack.
The $2.7 million cost includes eight emergency contracts that were signed just after the malware compromised the city networks.
“They’ve got some really big players on the team there, and they’re spending a lot of money, so the depth of the problems that they had are probably enormous,” Hunt said.
The leaders of the City of Atlanta signed a $650,000 contract with cybersecurity firm SecureWorks that was involved in the incident response.
Accessing the records the journalist discovered that the leaders signed other contracts as reported in the above image, a $600,000 contract with management consultant Ernst and Young for advisory services and another $730,000 to Firsoft.
“That’s absolutely construction work. What they’re looking to do is not revamping the system, they’re starting from scratch and going from the ground up again,” Hunt added.
“You’re talking about the possibility of privacy being violated. It could be an indicator that you’ve got a deeper problem inside or potentially a deeper problem that you want to get ahead of right away,”
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(Security Affairs – City of Atlanta, ransomware)
[adrotate banner=”5″]
[adrotate banner=”13″]
Security Affairs Malware newsletter includes a collection of the best articles and research on malware…
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best…
Palo Alto Networks addressed multiple vulnerabilities and included the latest Chrome patches in its solutions.…
Fog ransomware operators used in a May 2025 attack unusual pentesting and monitoring tools, Symantec…
Cyberattack on United Natural Foods Inc. (UNFI) disrupts deliveries, causing Whole Foods shortages nationwide after…
Resecurity researchers found 7.4 million records containing personally identifiable information (PII) of Paraguay citizens on…
This website uses cookies.
