A city in Florida paid out around $460,000 in a bitcoin ransom scheme, about a week after another Florida city paid around $600,000. Lake City’s IT Director Brian Hawkins has been fired as a result of the breach, which shut down the city’s critical digital infrastructure. As CCN previously reported, ransomware is on the rise. Baltimore, Atlanta, and several other jurisdictions have fallen victim, including the public defender system in Boston.
Previously, ransomware had been seen as on the decline. But more sophisticated variations of the software have arisen, often deploying themselves via e-mail or through the web.
Once a ransomware or cryptolocker has taken over a network, it’s a matter of time before it finds a group of vulnerable computers. In some cases, the entire system can be locked down or just crucial parts of it, such as those that serve public infrastructure.
In Atlanta, for example, many parts of the judicial system are currently unusable. That city previously paid $7 million to get around paying off a ransom of just over $50,000.
The full scale of the damage in Baltimore remains unknown. In both cases, simply paying the ransom might be the way to go.
This is the route that two cities in Florida have chosen, with Lake City being the latest.
That doesn’t mean no one faced any repercussions. As mentioned above, Brian Hawkins was fired. The attack may have succeeded through no direct fault of his, but the city had to spend a lot of money as a result. Someone had to be held responsible.
In some ransomware schemes, the cost of the attack goes up by the day until eventually the attacker just deletes the hard drive’s contents. The victim has no access to critical files in the meantime. For many casual, personal users, these attacks are often not a big deal – wipe the computer yourself, start over more securely.
But for businesses and governments that rely on computer systems, the attacks can be fatal. This is the case in Baltimore and Atlanta and might have been the case in Lake City, Fla. Lake City made the controversial but arguably wise decision to pay the ransom. Instead of firing people and fighting the ransom payments, cities should look at ways to avoid becoming infected in the first place.
Often enough, attacks take place over e-mail, with attackers successfully phishing government employees. Employees can be trained away from this behavior or their e-mail access can be restricted in various ways.
Usually, measures to ensure security aren’t put in place until an attack has already happened. Therefore, the cost of the ransoms themselves might be considered the price of security. A costly lesson but ultimately one that doesn’t have to be learned twice – unless you’re Baltimore or Atlanta, of course.
Last modified: January 10, 2020 3:34 PM UTC