The City of New Orleans, La. says the recent cyber attack on its networks will cost more than seven million dollars. Mayor Latoya Cantrell expects that number to grow.
According to a FOX 8 WVUE-TV in New Orleans report, Mayor Cantrell says the city will be able to recover three million of that amount due to a cybersecurity insurance policy purchased before the attack.
“This is something that we have to deal with as a city and it is an expense that we also have to eat as a city. It speaks to the priority of infrastructure that has always been a priority of mine and it also speaks to the real push for maintenance of infrastructure. This will be ongoing,” says Cantrell. “The early detection and the intrusion helped us one, IT halt our networks, shut it down completely, which prevented this cyber attack from being catastrophic,” she adds.
According to the report, the city will spend millions to recover from the cyber attack. The expenses will include buying new computers and other measures to improve the city's IT infrastructure to prevent future attacks. Kim LaGrue, the city's Chief Information Officer, says, “Cleaning over 3400 computers was necessary in that recovery. We realized we would lose some of those computers because we also build a stronger cyber security platform and on that new platform certain antiquated devices just could not be recovered, would not operate in this new platform.”
However, the report notes that the city is still suffering from the cyber attack. Gilbert Montano, the city’s Chief Administrative Officer, says the city is dealing with a significant backlog from manually operating city government. He added that it will take months to rebuild their network. “Now, we’re in the stabilization period. We are trying to rebuild what we had to turn off essentially and that is a long, laborious, time-sensitive process and that’s where I am telling staff and employees we’re looking maybe at a six to eight month window before actual normalcy starts to integrate all of our systems,” said Montano.
A GovTech.com report noted that city officials believe the cyber attack began when an employee clicked on a link in a "phishing" email and provided their credentials. Outside cybersecurity experts said that they believe those behind both the city and the state attacks likely used Ryuk, a piece of malware that was first discovered about 16 months ago and is popular with criminal organizations in eastern Europe and Russia.