Abilene invests nearly $1M to boost cyber defenses, restore systems after cyberattack

ABILENE, Texas (KTAB/KRBC) – The Abilene City Council has unanimously approved nearly $1 million in funding to bolster cybersecurity efforts and restore systems after a recent cyberattack knocked out several city servers.

Director of Information Technology Troy Swanson addressed the council Thursday, outlining the costs and detailing the recovery process. He said the investment is aimed at both restoring critical infrastructure and preventing future incidents.

A breakdown of the spending includes:

• CDW – Replacing peripherals and miscellaneous tech items
• Ceridian – Software to help bring essential systems back online
• Dell – About 200 Mobile Data Terminals (used in emergency services) and 300 desktop computers
• Server Supply – Recovery of RAM and memory for city systems
• Sumuri – Computers dedicated to cybercrime investigations as part of the Cyber Crimes Initiative
• Telecom – Replacement of roughly 100 phones and restoration of phone-related services

Swanson clarified that all purchases are one-time, except for Telecom, which operates on a monthly subscription basis.

When asked about future costs, Swanson said the city is still assessing the full extent of the damage and is actively working with its insurance provider.

“We do not have a sense of the caliber at this time, we’re still in the strategy and replacement, and we are working with the insurance claim,” Swanson explained. “The nature of the continued hardware recovery is in the network, server, and storage, and those are all being conducted as a requirement space replacement.”

He noted that the city does not anticipate further spending on desktop computers and is now focused on restoring function and improving long-term cybersecurity.

“Every move that we make, everything that we acquire, every service that we restore, we’re paying very close attention to ensure that we’ve achieved a higher level of cybersecurity on a go-forward basis. We have lofty targets there where we basically are not allowing anything that would allow this kind of threat surface again,” Swanson assured.

While current systems report and monitor suspicious activity, Swanson said the department is exploring proactive solutions that could detect threats before they happen. Although the attack was identified within 30 minutes, the city lacked tools to detect this specific type of breach ahead of time.

Officials are now meeting with cybersecurity experts and insurance representatives multiple times a week. They’re also monitoring the dark web for any sign that stolen information may be circulating.

The council voted unanimously to approve the funding.