SCP-5018 Unknown ? low confidence
SCP-5018
Expected annual
$5.6M
One-time setup
$12.6M
Annual recurring
$5.0M
Personnel
15
Initial one-time setup and remediation (facility buildout, network purge, hardware replacement, and contingency reserves) total roughly $12.6M; ongoing yearly operations (staffing, monitoring, R&D and maintenance) run about $5.0M, driven mainly by specialized staff, long-term R&D, and enterprise-scale monitoring and remediation.
🏗️ One-Time Capital Costs Total: $12.6M
Contingency Reserve $5.0M
[#24] ONE-TIME contingency/reserve for catastrophic or unforeseen effects (site rebuilds, large-scale replacements).
Network Architecture Remediation Project Initial $2.0M
[#23] ONE-TIME re-architecturing project to segment networks, attestation, air-gapping and deployment across sites.
Mcl Audit And Replacement $1.5M
[#8] Audit and replacement/retrofit of network-connected magnetic containment locks (MCLs) to mechanical/hardened controllers.
Network Forensic Initial Purge $1.0M
[#6] Network-wide forensic sweep and initial purge (scale-dependent; representative 1,000-endpoint remediation estimate).
Firmware Remediation And Hardware Replacement $700K
[#7] Firmware-level remediation, component replacement or destruction (representative mid-range for affected devices).
Initial Research And Lab Setup $500K
[#10] Controlled testbed and safe-execution infrastructure, isolated lab and kill mechanisms.
Digital Tooling Development $400K
[#11] Initial development of detection signatures, automated purge tools, segmentation rules and patches.
Data Destruction Per Event $300K
[#14] Data destruction and secure disposal of compromised hardware (representative per-event budget for large batch destruction).
Legal And Vendor Coordination Initial $250K
[#15] ONE-TIME legal/cover-story/vendor coordination costs (recalls/contract negotiation, initial external coordination).
Operational Downtime Per Event Estimate $250K
[#21] Representative per-event contingency for downtime and operational impact (productivity/missed-mission costs).
Secure Backups Initial $200K
[#13] Initial creation and vaulting of secure immutable offline backups (verified, write-once media and vaulting hardware).
Facilities $125K
[#1] Secure air-gapped containment room (construction, RF shielding, mechanical locks, certification).
Equipment $120K
[#2, #3] Hardened offline terminal and peripherals plus secondary/cold-spare hardware and peripherals.
Em Measurement And Mitigation $100K
[#9] Magnetometers, fluxgate sensors, gaussmeters, EM shielding equipment purchase and installation.
Theia Integration $100K
[#12] ONE-TIME integration work to add SCP-5018 detection into THEIA and SIEM.
Training And Sop Development Initial $75K
[#16] Initial training, SOP development and compliance setup.
🔄 Annual Recurring Costs Total: $5.0M/yr
Research And Monitoring $2.4M/yr
[#6, #11, #12, #13, #22, #23, #26] Ongoing costs: digital-tooling maintenance, SIEM/IDS licensing, backups rotation, multi-year R&D/attribution program, network segmentation maintenance, periodic revalidation and follow-up scans.
Staff Wages $1.4M/yr
[#4, #12, #17] Security guards & supervisors, SOC analysts, malware analysts/researchers/sysadmins and related benefits and O&M of access logs.
Mtf Standing Readiness $400K/yr
[#5] Standing MTF readiness (salary allocations, equipment, training drills for MTF Kappa-10 / Rho-9 preparedness).
Insurance And Indemnity $200K/yr
[#25] Specialized cyber/physical insurance riders and indemnity premium estimates.
Logistics And Transport $175K/yr
[#20] Regular secure transport and chain-of-custody logistics coverage among sites (courier contracts, secure containers and escorts).
Cover Story And Legal $150K/yr
[#15] Ongoing legal, PR/cover-story maintenance and vendor coordination retainer costs.
Psychological Support And Health Monitoring $150K/yr
[#18] Counseling, medical exams and long-term mental-health follow-up for exposed staff (annual program cost).
Facilities Maintenance $50K/yr
[#1, #10, #23] Maintenance, certification and upkeep of containment room, testbed and installed shielding / infrastructure.
Mtf Deployment Expected Annual $50K/yr
[#5] Expected annual average for deployments (travel, surge personnel and per-deployment consumables averaged over time).
Training And Compliance Refreshers $50K/yr
[#16] Annual refresher training and compliance audits.
Urgent Transport Expected Annual $30K/yr
[#20] Expected annual cost of urgent/same-day secure transport averaged across years.
Supplies And Consumables $20K/yr
[#19] Consumables: spare mechanical keys, tamper seals, batteries, labeling and chain-of-custody materials.
Cost Scenarios
📊 Baseline (baseline) $5.0M/yr
81.5% probability / year
Normal year with no major incidents; routine monitoring, staffing, maintenance and ongoing R&D only.
no_active_executions routine_alerts_only
🚨 Minor Incident $5.5M/yr
15.0% probability / year +$510K vs baseline
Limited outbreak/execution at a small number of endpoints requiring a single deployment, targeted forensic cleanup and short downtime.
limited_endpoint_infection single_site_execution one_mtf_deployment
🚨 Major Incident $13.2M/yr
3.0% probability / year +$8.2M vs baseline
Widespread infection with firmware/rootkit persistence across multiple sites requiring broad hardware replacement, MCL retrofits and extended remediation.
firmware_persistence multi_site_infection widespread_mcl_disruption
🚨 Catastrophic Breach $52.5M/yr
0.5% probability / year +$47.5M vs baseline
Worst-case multi-site catastrophe with cascading infrastructure failure, site shutdowns and major rebuilds requiring contingency drawdown.
site_level_failure large_scale_destruction multi_site_containment_loss
👥 Personnel 15 total
Role Count Notes
Security Officer / MTF Agent 5 [#4] 24/7 physical security coverage, shift rotation and supervisor included in staffing estimate.
SOC Analyst 3 [#12] Continuous monitoring and THEIA/SIEM triage staff (2–4 analysts recommended).
Research Scientist / Malware Analyst 5 [#17] Cryptographers, reverse engineers and containment researchers assigned to SCP-5018 research and remediation.
Engineer / Maintenance 1 [#1, #23] Facilities and shielding maintenance, testbed support and network segmentation engineering.
Administrative Staff 1 [#15] Administrative / legal coordination and vendor management support.
📋 Confidence Notes
Ranges in the source estimates are wide and costs scale nonlinearly with infection scope, firmware persistence and number of affected sites; many line items are scenario-dependent and contingent on asset inventory, so overall cost estimates carry low confidence.
← SCP-5017 ↑ All SCPs SCP-5019 →