Record Cyberattack: Suffolk County’s $25.7M Recovery Plan
Suffolk County, New York, has approved an allocation of $25.7 million for recovery efforts following one of the most devastating cyberattacks on a municipality in the United States.
On September 8, 2022, the ALPHV/BlackCat group launched an attack that paralyzed critical systems, exposed the personal data of approximately 470,000 residents and 26,000 employees, and incapacitated police services for several weeks. Payment systems, access to public records, and online testing were disrupted, and the county’s main website was down for several months. Some officials claim that the effects of the attack are still being felt.
Former County Executive Steven Bellone declared a 16-month state of emergency after the attack, allowing the county to bypass the usual bidding process for government contracts.
Although the final cost of the cyberattack is still being calculated, county authorities estimate the expenses to be $25.7 million, including contracts through the end of 2024. County Comptroller John Kennedy previously accused Bellone’s administration of spending $13.8 million on unnecessary or unused products.
The new County Executive, Edward P. Romaine, is seeking ways to recoup some of the funds. Romaine criticized the previous administration’s signing of multi-year contracts during the transition period.
District Attorney Ray Tierney has initiated an investigation into allegations of document destruction in Bellone’s final days in office. However, Bellone asserts that all data backups were restored or rebuilt, and the county did not pay the ransom demanded by the attackers.
The $25.7 million figure does not include the thousands of overtime hours worked by various department employees following the attack, as noted by Kennedy, nor other non-technical services, including over $1 million in legal fees and the cyberattack investigation. According to a county analysis, a significant portion of the expenses ($8.1 million) was directed to Palo Alto Networks for system support and forensic investigations.
A legislative report on the cyberattack is expected in the coming weeks, although it will likely focus more on the causes of the attack and the response’s effectiveness rather than the costs. Romaine has expressed the need for a special committee to investigate the expenses and has voiced his intention to spend $26 million on strengthening current security systems, enabling the county to qualify for cyber insurance, which is available only with adequate protection and security measures in place.
