SCP-2628
Keter
?
low confidence
SCP-2628
Expected annual
$28.3M
One-time setup
$19.6M
Annual recurring
$25.9M
Personnel
39
Initial containment and capability buildout requires ~USD 19.63M one-time for secure facilities, buybacks, replacements and contingency; steady-state annual operations are ~USD 25.88M driven primarily by mass amnestic administration, forensic analysis, replacement/buyback programs and staffing.
One-Time Capital Costs
Total: $19.6M
Annual Recurring Costs
Total: $25.9M/yr
Cost Scenarios
📊
Baseline
(baseline)
$25.9M/yr
Normal year with ongoing containment, analysis, administration and modest replacement/buyback activity (no major breaches).
routine_containment
steady_investigation_load
🚨
Minor Incident
$27.9M/yr
Localized propagation spike or several C2 takeovers requiring expedited takedowns, additional legal ops and a targeted recall/replacement batch.
localized_outbreak
additional_c2_takeovers
targeted_recall
🚨
Major Breach
$65.9M/yr
Internet-scale propagation, public exposure and mass replacement/recall program with substantial legal and contingency drawdowns.
internet_scale_propagation
mass_media_exposure
failed_containment
Personnel
39 total
| Role | Count | Notes |
|---|---|---|
| Research Scientist / Malware Analyst | 12 | [#3] Senior malware analysts, reverse engineers and forensic specialists (24/7 coverage). |
| Security Officer / MTF Agent | 8 | [#4] Mobile task force personnel for takedowns, seizures and onsite containment. |
| Sysadmin / DevOps | 3 | [#2, #3] Infrastructure ops for sinkholes, hosting and CI/CD for patch deployment. |
| Legal / Liaison Officer | 2 | [#5] Cyber-law retainer contacts and liaison staff for ISP/foreign coordination. |
| Medical Officer | 4 | [#9, #24] Clinicians and nursing staff for Class B administration and monitoring. |
| Administrative Staff / Call Center Operator | 10 | [#16] Outreach, notification, scheduling and case-management personnel. |
Confidence Notes
Estimates assume a baseline known-exposed population of ~10,000 devices and moderate containment posture; many line items scale linearly with infected-device counts and per-operation variability is large, so totals are uncertain and could be an order of magnitude different for internet-scale infections.