Ransomware attack on Atlanta’s municipal system is undoubtedly the highlight of cybercriminal activity of 2018. The cryptovirological attack crippled the digital systems of various city departments in Atlanta. People couldn’t pay their utility bills and the city police had to write their reports in handwriting. It took nearly a month for the city administration to deal with ransomware removal measures.
It will be safe to assume that the attack was unprecedented in the history of cybercrimes of the entire world. Previously, we never saw a cybercrime with that extensive effect on the ground. The attack was a challenge for every staff member of the city administration. But for some, it had become a test case.
For instance, new Chief Operating Officer of the city, Richard Cox, took charge just three days before the attack occurred. He considers this as one of the most challenging yet difficult starting of the job in his entire career. After two months, Cox reflects on different aspects of the attack.
All Were on the Same Page
The operators of Atlanta ransomware attack demanded $51,000 for ransomware removal. It was indeed a tough decision for the city administration to choose between the payment of $51,000 or the investment of millions in recovery and rebuilding process. The officials chose the latter option. From the mayor to COO, everyone was on the same page to not get played into the hands of ransomware operators.
In addition, the FBI also warned the city administration against the payment of ransom because it was not guaranteeing anything.
COO Justifies the Multimillion Expenses Post-Attack
There are reports that Atlanta has spent more than two million dollars on recovery and rebuilding measures following the attack. Cox justifies this expenditure because he thinks most of the money has been spent on the things where the administration has to make investments anyway, and it has nothing to do with ransomware removal works.
For example, laptops and workstations of the municipality were already near depreciation before the attack. Now they are being replaced with the new ones from the same money quoted as a ‘ransomware removal’ expense.
