A town in the Ontario Province of Canada has decided to pay hackers the ransom they are demanding in bitcoin in order to get its computer network working again.
Midland, which has a population of over 16,000, had its computer systems breached and infected with ransom malware that encrypted files at the beginning of the month. The cyber attack rendered the town’s computers inoperational for around 48 hours and this crippled email services, processing of payments, issuance of permits, reloading of transit cards and processing of marriage applications.
Critical services such as waste management and fire response were, however, not impacted. To facilitate decryption the hackers have been demanding that a ransom be paid in bitcoin. The town has consequently started the process of paying the unspecified ransom amount in bitcoin in order to get the decryption keys.
“Under the guidance of cyber security experts, we have initiated the process to pay the ransom in exchange for the decryption keys,” a media release from Midland Town Council read. “Although not ideal, it is in our best interest to bring the system back online as quickly as possible. The Town had previously secured an insurance policy to cover such circumstances. Decryption efforts are underway.”
The decision by Midland Town Council to acquiesce to the demands of the hackers stands in contrast to the move by the Professional Golfers Association of America to refuse to pay a ransom in bitcoin after similar malware was planted on its computer systems early last month. This was despite the fact that the hackers insisting that only they possessed the decryption software as CCN reported:
“We exclusively have decryption software for your situation. No decryption software is available in the public.”
In agreeing to remit the ransom Midland is, however, not alone in preferring to pay up in order to get its systems working again as many victims have done so if the amounts obtained by ransomware creators are anything to go by. Last month, for instance, it was reported by a U.K.-based cybersecurity firm, Sophos, that the creators of the SamSam ransomware had managed to rake in more than US$6 million since it started proliferating in late 2015 with the highest amount paid by an individual being US$64,000.
Additionally, a report released last year by researchers drawn from Google, Chainanalysis, University of California, San Diego and New York University concluded that creators of various ransomwares managed to generate US$25 million in 24 months, most of which was being cashed out through the BTC-e cryptocurrency exchange.
Midland, Ontario image from Shutterstock.