6. Communications & Power Industries (CPI)

Recovery And Mitigation Costs: $500,000

A “domain admin” with the highest level of privileges on the network of California-based Communications & Power Industries (CPI) clicked on a malicious link in mid-January while logged in, triggering file-encrypted malware, TechCrunch reported in March.

Because the thousands of computers on the network were on the same, unsigned domain, the ransomware quickly spread to every CPI office, including its on-site backups, a source told TechCrunch. Only a quarter of CPI’s computers were back up and running as of the end of February, according to TechCrunch.

CPI paid a ransom of about $500,000 shortly after the incident, TechCrunch said, allowing the company to obtain a decryption key that was used to recover sensitive military data on affected computers. One system is said to have files related to Aegis, a naval weapons system developed by Lockheed Martin, according to TechCrunch.