24 Apr 2018

About City of Atlanta and ransomware

I just read the article on ZDNet: "Atlanta projected to spend at least $2.6 million on ransomware recovery". Yes, you read it right - $2'600'000 to clean up the Atlanta city network from ransomware. And, of course, taxpayers will pay the bill. smile

Dear City of Atlanta, this situation will not magically resolve itself. Your IT guys must take the responsibility for this failure. Fire your CIO. Fire your entire IT staff. Sue them all for the damages. And let them rot in prison for a few years for gross negligence.

You hold an architect accountable for making your house blueprints right. You hold the builders accountable for building your house right and your doctor for taking a proper care of you.

IT guys are not special snowflakes, they don't do magic, and they must be held accountable for their (in-)actions just like everyone else. Only then we'll see some improvements in security.

 
But I'm sure City of Atlanta knows better. After all, they decided $600'000 on advisory services from Ernst & Young on how to handle security incidents. That's a money well spent! </irony>