The cost to rebuild Atlanta's computer network after it was hit with a SamSam ransomware attack in March continues to climb with a new report now placing the tab at $17 million, almost six times the initial estimate.
The Atlanta Constitution-Journalreported that it came across the new figure after obtaining a seven-page confidential city document that identifies $11 million in additional spending, on top of the $6 million already tapped for the project. The newspaper noted there was no indication which city department created the document.
“We are pleased with the progress of the recovery efforts. In addition to responding to the criminal attack against the City of Atlanta, we are using this opportunity to make the City more secure,” said a city spokesperson in an email to the Consitution-Journal. “Unfortunately, in today's world, governments are seeing an increase in cyber attacks… As you already know, the City is insured against cyber-attack. We continue to work through that process for the most cost-effective outcome for our residents.”
Atlanta was hit with SamSam ransomware on March 22 and refused to pay the $51,000 ransom. Initial cost estimates to recover from the attack were in the $3 million range, but this increased to $11 million by early June. The attack knocked about one-third of the city's 424 software programs offline, including includes the police department which lost a great deal of criminal evidence, including department's dashcam footage archive.
The Hacker News reports that threat actors have been using cracked software to distribute the new NullMixer malware dropper, which could simultaneously deploy various trojans to enable credential, address, cryptocurrency, credit card data, and Facebook and Amazon cookie exfiltration.