No, no, no! Riviera Beach City pays hackers $600,000 after ransomware attack three weeks ago
A US city has voted unanimously to pay hackers $600,000 who took over their computer systems via a ransomware attack three weeks ago.
Riviera Beach City Council in Florida made the rash decision to pay the hackers, in order to retrieve encrypted data that has prevented 911 dispatchers from being able to enter calls into their computers.
IT comes after the east coast American city of Baltimore slowly recovers most of its computers and IT infrastructure after it was crippled by a devastating ransomware attack.
The cyber attack struck Baltimore’s computers on 7 May, and after a month, most online city services and 10,000 computers remained crippled. That said, the city is now slowing recovering its systems.
But unlike Baltimore which refused to pay the hackers demand for $76,000 in bitcoins, but the council of Riviera Beach City voted to approve a $600,000 payment to the hackers in bitcoins.
According to the Daily Mail, the council had already voted to spend almost $1 million on new computers and hardware after the hackers crippled the city’s IT systems three weeks ago.
It seems the hackers apparently got into the city’s system via a phishing attack, when an staffer clicked on an email link that allowed them to upload malware.
The attack reportedly encrypted all city records, and disabled Riviera Beach’s email system. The attack also meant that utility payments could not be made online.
Silicon UK was still unable to access Riviera Beach’s websites on Friday morning.
Spokeswoman Rose Anne Brown was quoted by the Mail as saying Wednesday that the city of 35,000 residents – has been working with outside security consultants, who recommended the ransom be paid.
She reportedly conceded that there are no guarantees that the hackers will release the records once the payment has been made.
“When it comes to ransomware, the golden rule is never pay, however it seems like Riviera Beach City Council ignored this,” explained Martin Jartelius, CSO of Outpost24.
“Only time will tell if the city actually gets its data back, however history has shown the odds are not in their favour,” said Jartelius. “While some attackers use ransomware to make money, other use the malware to cause destruction and damage. If the attackers are motivated by destruction, it is unlikely Riviera Beach will get its data back anytime soon.”
“As a result of this, the best defence against ransomware is to continuously back up data and keep employees educated on phishing and malicious emails, as well as ensuring a defence in depth strategy to limit exposure, where an impact on a single system or user should not cause a substantial effect across the entire organisation,” he concluded.
Ransomware attacks are ongoing as we speak, so firms are being urged to backup regularly.
Last week a ransomware attack on one of the world’s largest suppliers of aeroplane parts, caused it to cease production in factories across four countries.
ASCO Industries based in Belgium, also had to send home the vast majority of its workforce after the ransomware attack on 7 June.
In March this year a ransomware attack crippled the operations of large Norwegian manufacturing firm Norsk Hydro. The company estimated that it lost more than $40m in the week following that attack, but it didn’t pay the hackers.
The advice from security professionals is clear, urging firms not to pay but instead invest money in improving cyber defences and education, as well as ensuring that regular backups are carried out.
But whatever the experts may say, in April a study from Appriver revealed a worrying admission about the actions of companies after they are struck with a ransomware attack.
It found that more than half of executives (55 percent) at small-to-medium-sized businesses (SMBs) in the US said they would pay hackers to recover their stolen data in ransomware attacks.
Do you know all about security? Try our quiz!