Cybercriminals have learnt something very valuable in the last couple of weeks: in order to regain access to their data, cities in Florida are prepared to pay out huge Bitcoin ransoms to hackers.
Less than a week after the city of Riviera Beach, 80 miles from Miami, unanimously voted to pay US $600,000 worth of Bitcoins to an extortionist who had locked their IT systems with ransomware, a second city has come to the same decision.
The ransomware which hit Lake City is thought, like the Riviera Beach attack, to have entered IT systems after a user mistakenly clicked on a malicious link in their email.
The impact on city systems was severe, with Riviera Beach losing access to its email, IT systems knocked offline, and 911 emergency services said to be disrupted.
An emergency meeting of Lake City’s administrative council voted on Monday to agree to a cybercriminal’s demand for 42 Bitcoins (almost half a million dollars) after struggling for two weeks to combat a ransomware infection that crippled its municipal computer systems.
In a press release published on its website (which is hosted externally, and was not affected by the attack), Lake City described how some departments had resorted to using pen and paper due to city networks being disabled. Due to its inability to monitor emails, residents were instead told to monitor the Lake City Police Department’s Facebook page for any critical updates.
The small city in Northern Florida will pay US $460,000-worth of Bitcoin to hackers in order to regain control of its email systems and servers.
“I would have never dreamed this could have happened, especially in a small town like this,” said Lake City mayor Stephen Witt.
Fortunately for Lake City, and its taxpayers, insurance is expected to cover all of the payment apart from US $10,000.
But the question of who pays the ransom (and indeed the insurance) is not the only thing people should be concerned about.
The fact that two cities have paid colossal payments to hackers in recent days will only encourage ransomware attacks to launch similar attacks against similarly poorly-protected targets. Every time an organisation gives in to a ransomware demand, and cybercriminals learn that it is easy to earn such lucrative profits, hackers invest more effort into future attacks.
Organisations and companies need to ensure that they are prepared for a ransomware attack before it strikes. Have layered defences in place, educate your staff about threats, and ensure that you have a robust backup system in place from which you can restore your critical data rapidly rather than have to pay a hacker to unlock it.
With ransomware payments costing half a million dollars or more, it’s clear that a secure offsite backup system would pay for itself in no time – and can help minimise the impact of any attack.