In May of this year, hackers took over
the systems of Riviera Beach, when a police department employee unknowingly
opened a malicious email that allowed the hackers to inject the whole city’s
network with malware. For three weeks, the city had its computer systems held
hostage. After a prolonged debate, the council of the city voted unanimously to
pay the ransom of $600, 000 in the hopes of getting Riviera Beach’s encrypted
records back. However, one thing was not sure – whether or not the hacker will
actually restore the stolen information after getting the ransom.
The hacker attack was so powerful that
it not only locked down the encrypted files, it took down the entire city
network, and furthermore – 911 dispatchers could not enter calls into their
systems and employees and contractors had to be paid by check instead of usual
direct deposit.
The security consultants gathered and
after the discussion, they urged the city council to pay up, despite the risk
that the hackers won’t restore the needed and valuable information. They said
that the city’s insurance provider will cover the payment. It is noted that
earlier that month Riviera Beach council voted for investing a large amount of
money in securing the city systems and protecting them from serious attacks.
Even though the US enforcement agencies
often recommend that ransomware victims do not pay hackers, simply because
there is no guarantee that hackers will comply and retrieve the valuable stolen
information and because such payments encourage cybercriminals to strike again
and again.
However, the city governments that do
not pay after ransomware attacks can easily end up with costs higher than the
hackers initially demanded. For example, there was the case with Atlanta not paying the hackers the demanded $51, 000
bitcoin after they were hacked in March 2018.
The after all cost that the city suffered was $17 million in damages.
The analysts have agreed that paying
ransomware is a “valid recovery option” for businesses that can not
get their files back. It is noted that at least 170 state and local governments
in the US have suffered ransomware attacks since it all started in 2013. There
was the case with Iranian hackers for the incidents that hit more than 200 city
governments and other institutions, and it caused more than $30 million in
damages.
The reason why Riviera Beach city
government was attacked and why are all the governments usually attacked is
because the government agencies provide critical services and those critical
services cannot afford the digital lockouts.
On the other hand, the relatively large
ransom demanded from Riviera Beach suggested that hackers have become
emboldened by their rapidly sophisticated ability to target government
agencies. It was a quick and effective way to extract money from public
entities. The hackers use strong types of programs as the cyberweapons.
Considering all this, it is not surprising
that the city of Riviera Beach, a small city of 35, 000 people agreed on paying
the ransomware. Taking into consideration that the costs to rebuild the system
is usually far higher than the very given ransom itself.
One more reason for paying the ransomware
was because the attack was upon not only online systems, including email and
some phones, but as well as water utility pump stations. Utility payments were
not accepted in any other way than in person and even then had to be paid by
check or cash.
Keep in mind that the city of Riviera
Beach is not the first nor the last to experience this tremendous problem. Last
year, another Palm Beach suburb – Palm Springs – also paid a ransomware demand
but lost two years so data, nevertheless.
In March this years, officials in
Jackson County, Georgia, also agreed of paying $400, 000 to regain access to
their files,
However, neither of these cities was the
victim who paid the largest amount of ransom demanded. This “honor”
goes to South Korean web hosting firm, which paid 13 billion won ($1.4 million)
worth of bitcoins to a hacker when the ransomware attacked occurred on June
2017.
After some time, it is noted that
Riviera Beach has succeeded in getting back some of the files, bit by bit. It
really was a hard time for all of them in this small town.
Cybersecurity experts claim that the
complexity and severity of the ransomware attacks just increase and that the
sophistication of the hackers and the threat that they impose is much bigger
than many organizations and cities are able to keep pace with. There is no
total security notion that can protect a city from the attack, however, when it
occurs, the city officials should react immediately, even if it means paying
the ransomware as Riviera Beach before it is too late.
Source: CNN,
The New York Times, Wiki