Another city caves to hackers, pays $490K Bitcoin ransom

2905
RANSOMWARE ATTACK: Hackers demand $5 million in Bitcoin from state-run oil company

Another city in Florida has given in to the demands of hackers behind a ransomware attack and are paying a hefty Bitcoin ransom.

The city in question is Lake City, located in north Florida with a population of 12,285 individuals.

Computer system crippled

The malicious attack began when an employee in City Hall opened an email, which then unleashed the malware across the city’s computer system

All email was completely shut off, and residents found themselves unable to pay bills online.

After two weeks of having their computers down, the city has decided to pay the Bitcoin ransom demanded by the hackers – a total of 42 bitcoins worth more than US$490,000 [AU$700,400] at current prices.

Lake City, Florida

After consulting with the town’s insurance company, the city council approved the ransom payment at an emergency meeting on Monday despite being advised not to by the FBI.

The FBI has long maintained a “zero tolerance” policy when it comes to meeting hackers’ ransom demands.

In a 2016 report detailing the rise of ransomware attacks, former Assistant Director of the agency’s Cyber Division James Trainor explained:

“Paying a ransom doesn’t guarantee an organization that it will get its data back—we’ve seen cases where organizations never got a decryption key after having paid the ransom.

“Paying a ransom not only emboldens current cyber criminals to target more organizations, but it also offers an incentive for other criminals to get involved in this type of illegal activity.”

The insurance company, League of Cities, will cover all but $10,000 of the ransom, with the balance ultimately being paid by Lake City’s taxpayers.

Mayor Stephen Witt noted that “it wouldn’t impact [residents] directly today or tomorrow, but the insurance rate will probably go up for everybody.”

Ransomware attacks rising

The Lake City hack marks the second Florida city to be hit with a ransomware attack in less than a week.

Micky recently reported that the city of Riviera Beach also decided to pay a Bitcoin ransom worth approximately $600,000 after their computer systems were completely sealed off for two weeks.

The payments demanded in ransomware attacks are getting bigger as hackers are targeting businesses, city governments, and organizations.

Bitcoin

Cybersecurity company Coveware reports that the average ransomware demand in the last quarter of 2018 was $6,733.

However, that number has nearly doubled as the first quarter of 2019 saw the average payment demanded by hackers being $12,762.

Like the FBI, most law enforcement agencies suggest that paying a ransom demand is a bad thing as it will encourage more attacks in the future as hackers know the victim is likely to pay.

Yet the cost for not paying can be much higher, as can be seen by the city of Atlanta spending $17 million to get their computer system back up even though the hackers only demanded $52,000 in cryptocurrency.

The one silver lining for cities like Lake City and Riviera Beach is that the hackers have a vested interest in decrypting the affected files after being paid.

“Our perception is that most ransomware distributors are economically rational and run their operations like businesses that care about their reputation,” says Coveware CEO Bill Siegel.

“If word gets out that their type of ransomware or attacks with their signature do not provide the decryption tool/key after paying, future victims would find out, and not pay.

“Accordingly, most provide a decryption tool after the victim pays,” he added.

Still, getting Lake City’s computer system up and running after paying the ransom is cold comfort to Witt.

“I would have never dreamed this could have happened, especially in a small town like this,” he said.