The Best Offense Against A Ransomware Attack Is A Good Loss Prevention Defense

February 19, 2025

Hamilton, Ontario, has spent nearly $10 million recovering from a debilitating cyberattack on its municipal IT network.

The February ransomware attack affected 228 different internet technology applications, disabling municipal services like phone lines, electronic payments, computer-aided fire dispatch, and online permits. However, the city thinks no resident personal information was stolen.

Mayor Andrea Horwath has said the city did not pay the "huge" ransom demanded by the hackers. City manager Marnie Cluckie mentioned that more information about the breach, which is under police investigation, would be shared "at the appropriate time".

The city has paid about $9.6 million so far to deal with the immediate crisis and to recover or "rebuild" compromised applications and IT services. Some services have been deemed "unrecoverable," including the original public-facing list of real-time fire calls on X (formerly Twitter). The city's multimillion-dollar system of traffic cameras was also disconnected by the cyberattack.

Much of the listed spending in the latest report - around $7 million -has gone to paying outside cybersecurity experts like Cypfer and global accounting giant Deloitte. The city has also budgeted another $20.5 million in anticipated cyber-related spending in 2025 to both recover from the original attack and speed up already planned IT upgrades. A majority, but not all, of originally disabled city services are now back up and running. https://www.thespec.com/news/council/hamilton-has-spent-9-6-million-battling-cyberattack-fallout/article_c0522c09-0747-5338-888a-fc2405d29e73.html (Dec. 01, 2024).

Commentary

The cost of recovering from a ransomware attack can vary widely depending on several factors, including the size of the organization, the extent of the damage, and the type of ransomware used.

On average, the cost of ransomware recovery in 2021 was around $1.85 million in the United States. This figure includes various expenses such as downtime, network costs, ransom payments, labor, and lost opportunities.

The cost of the Hamilton, Ontario attack far outpaces the norm.

It's important to note that costs related to attacks have been increasing over time, with ransomware attacks becoming more sophisticated and frequent. https://www.scarlettcybersecurity.com/how-much-ransomware-recovery-really-cost (Dec. 16, 2021).

The average ransom demand for a ransomware attack has been on the rise. In 2024, the average ransom demand reached a staggering $5.2 million in the United States. This is a significant increase from previous years, reflecting the growing sophistication and boldness of cybercriminals. https://www.varonis.com/blog/ransomware-statistics (Nov. 13, 2024).

The final takeaway is that ransomware attacks are not only disruptive, but they are also expensive. The best means for preparing for such an attack is to develop a loss prevention and recovery plan upfront -because prevention is far less costly than mitigation. 

Finally, your opinion is important to us. Please complete the opinion survey:

This site uses essential/technical cookies to function. Cookies allow us to provide the best experience possible and must be enabled to use this site properly. By continuing to use this site, you agree to our use of cookies. Please see our Privacy Policy or How to Enable Cookies for more information.

An error has occurred. We have been notified and are working to resolve the problem. Please return to the front page and try this action again later.

Error!

An Error has ocurred on this site.

The error has been reported to our programmers and we are working to correct it. We generally get errors fixed overnight, so please feel free to try this action again tomorrow.