A city in Florida, Riviera Beach, paid a $600, 000 worth of bitcoin to hackers
In May of this year, hackers took over the systems of Riviera Beach, when a police department employee unknowingly opened a malicious email that allowed the hackers to inject the whole city’s network with malware. For three weeks, the city had its computer systems held hostage. After a prolonged debate, the council of the city voted unanimously to pay the ransom of $600, 000 in the hopes of getting Riviera Beach’s encrypted records back. However, one thing was not sure – whether or not the hacker will actually restore the stolen information after getting the ransom.
The hacker attack was so powerful that it not only locked down the encrypted files, it took down the entire city network, and furthermore – 911 dispatchers could not enter calls into their systems and employees and contractors had to be paid by check instead of usual direct deposit.
The security consultants gathered and after the discussion, they urged the city council to pay up, despite the risk that the hackers won’t restore the needed and valuable information. They said that the city’s insurance provider will cover the payment. It is noted that earlier that month Riviera Beach council voted for investing a large amount of money in securing the city systems and protecting them from serious attacks.
Even though the US enforcement agencies often recommend that ransomware victims do not pay hackers, simply because there is no guarantee that hackers will comply and retrieve the valuable stolen information and because such payments encourage cybercriminals to strike again and again.
However, the city governments that do not pay after ransomware attacks can easily end up with costs higher than the hackers initially demanded. For example, there was the case with Atlanta not paying the hackers the demanded $51, 000 bitcoin after they were hacked in March 2018. The after all cost that the city suffered was $17 million in damages.
The analysts have agreed that paying ransomware is a “valid recovery option” for businesses that can not get their files back. It is noted that at least 170 state and local governments in the US have suffered ransomware attacks since it all started in 2013. There was the case with Iranian hackers for the incidents that hit more than 200 city governments and other institutions, and it caused more than $30 million in damages.
The reason why Riviera Beach city government was attacked and why are all the governments usually attacked is because the government agencies provide critical services and those critical services cannot afford the digital lockouts.
On the other hand, the relatively large ransom demanded from Riviera Beach suggested that hackers have become emboldened by their rapidly sophisticated ability to target government agencies. It was a quick and effective way to extract money from public entities. The hackers use strong types of programs as the cyberweapons.
Considering all this, it is not surprising that the city of Riviera Beach, a small city of 35, 000 people agreed on paying the ransomware. Taking into consideration that the costs to rebuild the system is usually far higher than the very given ransom itself.
One more reason for paying the ransomware was because the attack was upon not only online systems, including email and some phones, but as well as water utility pump stations. Utility payments were not accepted in any other way than in person and even then had to be paid by check or cash.
Keep in mind that the city of Riviera Beach is not the first nor the last to experience this tremendous problem. Last year, another Palm Beach suburb – Palm Springs – also paid a ransomware demand but lost two years so data, nevertheless.
In March this years, officials in Jackson County, Georgia, also agreed of paying $400, 000 to regain access to their files,
However, neither of these cities was the victim who paid the largest amount of ransom demanded. This “honor” goes to South Korean web hosting firm, which paid 13 billion won ($1.4 million) worth of bitcoins to a hacker when the ransomware attacked occurred on June 2017.
After some time, it is noted that Riviera Beach has succeeded in getting back some of the files, bit by bit. It really was a hard time for all of them in this small town.
Cybersecurity experts claim that the complexity and severity of the ransomware attacks just increase and that the sophistication of the hackers and the threat that they impose is much bigger than many organizations and cities are able to keep pace with. There is no total security notion that can protect a city from the attack, however, when it occurs, the city officials should react immediately, even if it means paying the ransomware as Riviera Beach before it is too late.
Source: CNN, The New York Times, Wiki
