A new troubling report from the state of Florida shows how municipalities, particularly cities, are suffering from a new spate of cyberattacks.
According to Business Insider, officials in Riviera Beach, a burg near Ft. Lauderdale, voted to pay hackers $600,000 in order to deal with an attack that has compromised police and emergency systems.
“The New York Times reported that the hackers demanded their ransom in bitcoin,” writes Sinead Baker. “The paper noted that there is no guarantee that hackers will honor their end of the deal after getting the money…CBS reported that the council already voted to spend $1 million on new computers after the attack.”
Riviera Beach is not alone in its plight – the city of Baltimore, for example, has been struggling with a response to involved cyberattacks on it systems for months.
Other cities have suffered similarly from the scourge of malware attacks and ransomware efforts – in the city of Atlanta last year, following a scheme to lock down the city’s computer systems, residents had to pay bills through paper, and many city services were disrupted.
There’s little public information to suggest that the city of Atlanta paid ransoms to the hackers eventually identified as part of the SamSam group and partially based out of Iran (two Iranian men were eventually indicted for the attack).
A Wired story on big cyberattacks of 2018 at the end of the year did not cite such payments. (The piece also covered attacks on both Marriott and Quora!)
However, Steve Ragan at CSO reported that SamSam was paid upwards of $850,000, though not revealing what share of that would have been paid out by Atlanta.
Ragan talked about why it’s a bad idea to pay ransoms even though it may be quicker and easier.
“When victims of ransomware pay the ransom, most people assume it’s because they didn’t have proper backups, or the backups themselves were either outdated or corrupt. You’ll see pundits mention this in the media or on stage at security conferences year-round,” Ragan wrote. “Thing is, what most pundits aren’t talking about – a dirty secret for some in the security industry – is that sometimes it’s cheaper and quicker to pay during a ransomware attack.”
He then stated the obvious:
“Paying the ransom during a ransomware attack is a bad idea. Doing so will only keep the ransomware marketplace alive and thriving.”
But paying the ransom is sometimes only one component of a city’s reponse: for example, reports at the time also showed Atlanta officials hired in a bevy of consultants to fix the computer systems after the attack
Florida is providing the recent most recent test case for how to respond to crippling cyberattacks that target city systems – a system serving tax payers – instead of business or individual networks. You can imagine how those with a fiduciary duty toward taxpayers will want to optimize a response. The question is how?