Last week hackers hit the jackpot. They collected more than $1 million in ransomware payments from two municipalities in Florida. Both of the city governments that were victimized decided to pay the ransom hackers demanded to unlock their computers.
Lake City, Florida’s government will pay $460,000 after dealing with a ransomware attack for over two weeks. Just a few days before, the City of Riviera Beach, Florida, announced that they would be paying hackers $600,000 to recover their data from a ransomware attack. The hackers walked away with “winnings” in both instances.
- Computers Shut Down
Lake City’s computer systems went down on June 10th. Their 65,000 residents weren’t able to pay their water and electric bills online, or get building permits. After two weeks without access to their systems, they finally decided to pay the $460,000 ransom.
When Riviera Beach was hit by ransomware, it also paralyzed their computer systems. In an attempt to retrieve their data, the City paid the hackers nearly $600,000 (65 Bitcoin). Hackers demand Bitcoin because it’s a hard-to-trace digital currency. The City Council hopes to regain access to their encrypted data, although there’s no guarantee that this will happen.
“It’s a shame when any company gets a ransomware attack. There are security-focused providers out there with the knowledge and tools to prevent and protect against these threats. These tools can fight back with proper backup and device protection. I can stress that most of these attacks can be prevented and we can even figure out where the threat came from to ensure it never happens again,” says Nick Allo, Director of IT Services at SemTech IT Solutions in Longwood, Florida.
- No Option But To Pay
The ransomware infection in Lake City happened after an employee in City Hall opened a malicious email. The ransomware locked down their email and servers. The police and fire departments weren’t affected because they operate off a different server. In Lake City’s case, while cyber insurance will cover the majority of the ransom payment, $10,000 would still need to be collected from taxpayers.
With the Riviera Beach incident, someone in the police department opened an email that unleashed a virus that paralyzed their computer system. All of the City’s operations went offline. Their police department was crippled. They couldn’t use email, process payroll and even had to handwrite 911 calls. They had no option but to pay the ransom.
- Municipalities Should Be On Guard
These two Florida cities are just the latest in a number of ransomware attacks targeting city and state governments. Experts warn that because these and other cities pay the ransom, hackers are incentivized to launch more attacks on municipalities.
Marcel Manning, Managing Director of Nexgentec in Leesburg, Florida tells us, “As more municipalities are infected by ransomware and pay the ransom, the more we’re going to see attacks on state and local governments. Regardless of who pays the ransom doing so will encourage ransomware creators to launch more attacks. In both the Riviera Beach and Lake City incidents, their insurance provider footed the majority of the bill. While insurance coverage for ransomware is important, your best insurance policy is a functioning backup system. If we’re going to defeat the creators of ransomware, we need to have a business continuity plan in place. The more money we feed into these organizations, the more we’re going to see similar attacks.”
- Ransomware Attacks on State and Local Governments Are Increasing
Florida cities aren’t the only governments being hit with ransomware. In 2018, several Atlanta city systems were extorted for $51,000. And the City of Baltimore was victimized in May, shutting down services like water bills, permits and more, demanding a $76,000 ransom. The City of Baltimore refused to pay the ransom, and it ended up costing them around $18.2 million in lost or delayed revenue and direct costs to restore their systems.
- Governments Must Train Their Employees
All of these incidents occurred when an employee clicked a malicious link in an email. Had these governments properly trained their workers to recognize malicious emails, the ransomware infections could have been prevented.
Michael Goldstein, President of LAN Infotech in Fort Lauderdale, explains: “This hits us very close to home. Twice in two weeks seems unbelievable. All companies need to evaluate their current backup plans and definitely better develop what we are calling a ‘Human Firewall.” Cyber Awareness training and enforcement really need to be a must for everyone, and management has to take this very seriously.”