Florida City Forced to Pay 600K Ransom After Ransomware Attack
Riviera Beach, FL leaders recently agreed to pay a nearly $600,000 ransom to hackers who overtook the city’s computer systems, reports The New York Times. The city, with a population of 35,000 and located north of West Palm Beach, is the latest municipality to fall victim to a ransomware attack. Baltimore recently had to pay $18 million to repair its damages.
The City Council voted unanimously on June 17 to have its insurance carrier pay the hackers 65 Bitcoin, which was valued at $592,000, according to The Times. The payment should allow the city to regain its access to data encrypted in the cyberattack three weeks ago. However, the ransom does not guarantee the hackers will relinquish the data when they received it.
The attack started on May 29, according to The Times and The Palm Beach Post’s reporting. A police department employee opened an infected email attachment, which caused all of the city’s online systems, including email, some phones and water utility pump stations to go down. The city could only accept utility payments in person or by regular mail, and only by cash or check, after the attack.
“Anything that was done online, we did not have access to,” Brown told The Times. “We WERE able to make payroll and make vendor payments.”
If hackers can access governments’ and multi-million dollar business’ data and hold it for ransom that means anyone’s a potential target—including commercial real estate owners. In fact, CRE owners are perhaps more vulnerable than ever as buildings become “smarter” and numerous devices can be accessed via the Internet, including door locks, thermostats, lights, security cameras and more. For some time now, CRE owners have been told they need to have reliable in-building wireless connectivity to attract and retain tenants. With the rise of cybercriminals, it turns out wireless connectivity may not be enough—CRE owners must also be able to guarantee their tenants’ data will be safe on their network.
Earlier this month, Riviera Beach planned to spend more than $900,000 on new computer hardware. Those purchases were planned for next year, but were moved up because of the attack, according to Brown. Insurance will cover a third of the cost, The Times reports.
Riviera Beach spokeswoman Rose Anne Brown said the city was working with law enforcement and security consultants. While the former does not usually endorse making ransom payments, the latter sometimes recommends doing so in order for clients to get years of value information back.
“We are well on our way to restoring the city system,” Brown said.
The relatively large ransom suggests hackers’ ability to target government agencies has emboldened them, according to Jason Rebholz, who tracks ransomware payments and has helped victims of similar attacks.
“The complexity and severity of these ransomware attacks just continues to increase,” Rebholz, a principal for Moxfive, a technology advisory firm told The Times. “The sophistication of these threat actors is increasing faster than many organizations and cities are able to keep pace with.”
These types of attacks against governments and businesses have become more common around the world because hackers know holding data hostage is a quick way to extort money from organizations. According to The Times, some hackers have used a tool the National Security Agency (NSA) developed called Eternal Blue as a cyberweapon.
Unfortunately for victims, they often can’t recover all of their data even after they pay, according to Rebholz. Even worse, it can cost more to rebuild a system than the initial ransom payment. Atlanta for example could wind up paying $17 million to recover from a cyber attack last year.
According to a 2016 cybersecurity survey a third of chief information officers (CIO) for local governments said they were using outdated technology, which made them more susceptible to attacks. The survey also revealed less than half of the CIO’s had bought cybersecurity insurance.