Inside the Judicial Challenges of When Ransomware Strikes a City

Earlier this year, the City of Atlanta suffered a ransomware attack on the city’s computer systems. The attack affected more than one-third of Atlanta’s 424 essential programs, close to 30 percent of which were “mission critical” functions. While most of the visible damage has been remedied, the effects of the attack will be felt for a long time.

Disruptions and delays were common across a wide variety of connected city services. At Hartsfield-Jackson International Airport, one of the busiest airports in the world, authorities shut down Wi-Fi service to prevent potential spread of the ransomware to thousands of phones and devices used by travelers. The effects of the attack were greater than these inconveniences, though.

Some areas of the Atlanta City Government lost up to 10 years of records and documents, which cannot be recovered. The city indicated they had not found indications that citizens’ personal information was stolen or misused. It’s been estimated that it will cost an additional $9.5 million and up to $17 million in total following the initial $2 million needed to repair the damage caused by SamSam.

Local governments are notoriously cash-strapped, and an unexpected $11.5 million bill creates a budget dilemma. This amount is likely a small part of the overall budget of Atlanta but unexpected costs add up quickly. This money will certainly have to come at the expense of other services or programs.

As a depository of essential records, residents will continue to face challenges working with the City in their efforts to complete basic requests like permits, inspections, or anything else that was compromised. These effects could be felt for months or years to come as required records are gradually found to be no longer available.

Potentially more harmful than any monetary cost to the city or nuisance for (Read more...)