Baltimore City Hall, which houses agencies that were impacted by the 2019 ransomware attack. (Photo by Flickr user David Kirsch, used under a Creative Commons license)

What does $10 million, committed for curing a city’s ransomware affliction, actually buy you?

AJ Nash, VP of intelligence at cybersecurity company ZeroFOX, says it depends on how you want to handle the situation. Firms can negotiate the ransom. For Baltimore, trying to recover from the devastating 2019 ransomware attack, that ransom was $76,000 worth of Bitcoin.

Beyond these cyber companies, intelligence organizations can help a victim better understand the cyberattack and the organization claiming responsibility. Contractors can come in and attempt to decrypt data, as well as restore backups and networks.

These are all specialties and there are very few organizations, if any, that can provide all the different services that are necessary during an attack. Perhaps that helps explain why the city of Baltimore ultimately spent $10 million purely on IT recovery.

Documents that obtained from Baltimore’s city government, via a FOIA request, paint a picture of how this money was spent — and who it was spent on — if not exactly how much each entity received.