Florida Gov't Ransomware Tops $1 Million Payout

John Lister's picture

Officials in Lake City, Florida have voted to pay half a million dollars to hackers to regain access to computer files. It's the second such payment by a local government in the state in as many weeks.

Lake City's government computer system was hit by a ransomware attack in which hackers remotely encrypt files and then demand payment to unlock them. They asked for 42 units of the digital cryptocurrency Bitcoin, worth roughly $500,000. That payment method makes it much harder to trace the recipients.

The good news in this case is that public safety networks are unaffected and that all sensitive data such as the card details of people who pay fees to the city was stored elsewhere. However, the ransomware has locked up the city government's email system and put most of its landline telephones out of action. (Source: bbc.co.uk)

Related: How to Prevent Ransomware in 2018 - 10 Steps

Insurance Will Cover Most Costs

Officials have now concluded that it's more efficient to pay the ransom than lose the money and time it would take to restore the networks. Most of the cost will be covered by insurance, though the city will have to pay around $10,000 from public funds.

Only last week another Florida town, Riviera Beach, agreed to pay around $600,000 to ransomware attackers, again with insurers footing most of the bill. That was arguably a more serious attack as the compromised networks included those used for emergency response systems and water pump stations. At the time of writing officials hadn't confirmed whether full access had been restored, but the city government's website was offline. (Source: apnews.com)

Hackers May Now Keep Promises

The attacks on local government have seen something of a change in tactics by the attackers. Previously when ransomware has hit individuals, there's been no guarantee that paying up will actually get the promised unlocking. In some cases, the hackers simply keep demanding additional payments until the victim realizes they are being strung along.

With most of the government attacks, the hackers have unlocked the files when they've received the payment. That's likely because these are targeted attacks for large ransoms, so the hackers want the victims to feel assured paying up is worthwhile. They may also have concluded insurers will be less willing to cover such payments if they aren't going to be effective.

Related: How to Fix: Computer / Network Infected with Ransomware (10 Steps)

Related: 8 Ways to Protect Your Backups from Ransomware

What's Your Opinion?

Should local governments pay up if hit by a ransomware attack? Does doing so put others at risk by making ransomware attacks more likely? Is there a risk that cyber-insurance polices remove the incentive to improve security and reduce the risk of a successful attack in the first place?

Rate this article: 
Average: 5 (5 votes)

Comments

Dennis Faas's picture

This is why bitcoin and similar virtual currencies should be banned. The transactions are anonymous which means they can't be traced. If the opposite were true, then perhaps ransomware and similar million dollar attacks would not happen in the first place. It would make paying (and receiving) funds to criminals much more difficult.

Also, whoever was in charge of backing up and securing data at these government agencies should be fired. Insurance will pay the bill for now, but you can bet that this will be passed on to the people as insurance rates skyrocket as a result of similar attacks.

Navy vet's picture

By paying the hackers, it just emboldens them to attack more victims.

DavidInMississippi's picture

EVERY entity that depends on computers to run, be they governments, hospitals, corporations, or any other agency, MUST have a system backup-and-recovery protocol in place, and follow it rigorously! Sure, it costs money to hire an expert to set this up for you, and to have one of the employees actually perform the backups and periodic restore drills to make sure it all works, but it no question costs less than the ransom from the slimeball thieves, and I'd bet would cost less than even the insurance payments.

NEXT, insurance companies should perform regular system security audits of their clients, and change the rates the clients pay based on the results of these audits. Grade A+ on system security? Smaller premiums. Grade F on system security? You pay through the nose.

Finally this sounds to me like a screaming opportunity for someone to become the nation's (world's?) leading expert on system security evaluation, implementation, training, maintenance, and audits. If I were even 20 years younger, I'd do this myself.

kitekrazy's picture

Whoever was responsible for the security should be canned.

Jim-in-kansas's picture

DavidInMisssissippi

I agree... Wished I was 20 years younger also !!

I've always thought a significant number "security" people during the day are also darknet hackers at night working to keep their daytime jobs busy.. :-)

Jim-in-kansas