Ransomware has become a digital epidemic for the public sector, which often manages large, tangled webs of computer networks, running older software with limited budgets to defend them. Police departments in Illinois, Maine, Massachusetts and Tennessee have all opted to pay the ransom demands to get back their data. Unfortunately, Florida has become a target in recent weeks and with the recent success of cyber criminals extracting over $1 million from Florida’s local governments, this could be just the beginning of a larger epidemic.
About 3 weeks ago, hackers launched a cyber attack that disabled Lake City, Florida’s the computer and phone systems paralyzing staff with a ransomware attack. The staff of the small North Florida town worked with the F.B.I. and an outside security consultant to restore phone lines, email and online utility payments. But in the end, city leaders called an emergency meeting and reluctantly approved paying the hackers the ransom they demanded: 42 Bitcoin, or about $460,000.
It was the second city to agree to a large ransom in two weeks. Riviera Beach, in Florida’s Palm Beach County, signed off on an extraordinary $600,000 payment last week, also in Bitcoin, a cyber currency that is difficult to trace.
As in Riviera Beach, most of Lake City’s ransom will be paid by insurance. Only $10,000 will come out of the city’s bank account.
The F.B.I., as it typically does, recommended against agreeing to the hackers’ demands. But it was decided that a prolonged recovery would have cost taxpayers more. Though there was no guarantee that the attackers would release the city’s data, evidently after the ransom was paid, the IT staff had already been making strides in bringing systems back online. You can only imagine that this sort of reinforcement is exactly what fuels and inspires other would be criminals to attacking our critical infrastructure.
Now, you may have heard of what’s going on in Baltimore, a much larger city that has been fighting a massive ransomware attack for the past two months. They’ve spent over $18 million on recovery. In comparison, hackers there had demanded a ransom of $80,000. In hind sight, it might have cost less to just pay the criminals off.
The take away
These guys all suffered from a lack of good backup. You would think that they would be required to keep a backup, but I guess not.
My question is: What does your company’s backup and business continuity plan look like?
Don’t have one? We can help with that. Feel free to reach out.
Stay safe out there.
PS. Turns out the employee that caused the malware infection was fired yesterday. Oops.