Florida Gov't Ransomware Tops $1 Million Payout
Officials in Lake City, Florida have voted to pay half a million dollars to hackers to regain access to computer files. It's the second such payment by a local government in the state in as many weeks.
Lake City's government computer system was hit by a ransomware attack in which hackers remotely encrypt files and then demand payment to unlock them. They asked for 42 units of the digital cryptocurrency Bitcoin, worth roughly $500,000. That payment method makes it much harder to trace the recipients.
The good news in this case is that public safety networks are unaffected and that all sensitive data such as the card details of people who pay fees to the city was stored elsewhere. However, the ransomware has locked up the city government's email system and put most of its landline telephones out of action. (Source: bbc.co.uk)
Related: How to Prevent Ransomware in 2018 - 10 Steps
Insurance Will Cover Most Costs
Officials have now concluded that it's more efficient to pay the ransom than lose the money and time it would take to restore the networks. Most of the cost will be covered by insurance, though the city will have to pay around $10,000 from public funds.
Only last week another Florida town, Riviera Beach, agreed to pay around $600,000 to ransomware attackers, again with insurers footing most of the bill. That was arguably a more serious attack as the compromised networks included those used for emergency response systems and water pump stations. At the time of writing officials hadn't confirmed whether full access had been restored, but the city government's website was offline. (Source: apnews.com)
Hackers May Now Keep Promises
The attacks on local government have seen something of a change in tactics by the attackers. Previously when ransomware has hit individuals, there's been no guarantee that paying up will actually get the promised unlocking. In some cases, the hackers simply keep demanding additional payments until the victim realizes they are being strung along.
With most of the government attacks, the hackers have unlocked the files when they've received the payment. That's likely because these are targeted attacks for large ransoms, so the hackers want the victims to feel assured paying up is worthwhile. They may also have concluded insurers will be less willing to cover such payments if they aren't going to be effective.
Related: How to Fix: Computer / Network Infected with Ransomware (10 Steps)
Related: 8 Ways to Protect Your Backups from Ransomware
What's Your Opinion?
Should local governments pay up if hit by a ransomware attack? Does doing so put others at risk by making ransomware attacks more likely? Is there a risk that cyber-insurance polices remove the incentive to improve security and reduce the risk of a successful attack in the first place?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.
Comments
Bitcoin should be banned
This is why bitcoin and similar virtual currencies should be banned. The transactions are anonymous which means they can't be traced. If the opposite were true, then perhaps ransomware and similar million dollar attacks would not happen in the first place. It would make paying (and receiving) funds to criminals much more difficult.
Also, whoever was in charge of backing up and securing data at these government agencies should be fired. Insurance will pay the bill for now, but you can bet that this will be passed on to the people as insurance rates skyrocket as a result of similar attacks.
Never negotiate with terrorists
By paying the hackers, it just emboldens them to attack more victims.
BACKUPS! (I agree with Dennis)
EVERY entity that depends on computers to run, be they governments, hospitals, corporations, or any other agency, MUST have a system backup-and-recovery protocol in place, and follow it rigorously! Sure, it costs money to hire an expert to set this up for you, and to have one of the employees actually perform the backups and periodic restore drills to make sure it all works, but it no question costs less than the ransom from the slimeball thieves, and I'd bet would cost less than even the insurance payments.
NEXT, insurance companies should perform regular system security audits of their clients, and change the rates the clients pay based on the results of these audits. Grade A+ on system security? Smaller premiums. Grade F on system security? You pay through the nose.
Finally this sounds to me like a screaming opportunity for someone to become the nation's (world's?) leading expert on system security evaluation, implementation, training, maintenance, and audits. If I were even 20 years younger, I'd do this myself.
Time to fire some people.
Whoever was responsible for the security should be canned.
Ransomware
DavidInMisssissippi
I agree... Wished I was 20 years younger also !!
I've always thought a significant number "security" people during the day are also darknet hackers at night working to keep their daytime jobs busy.. :-)
Jim-in-kansas