Florida City to Pay $600,000 to Hackers After Ransomware Attack
A city in Florida has decided to pay $600,000 to the hackers behind a ransomware attack that's locked down the local government's data.
On Monday, the city council of Riviera Beach voted unanimously to let the city's insurer pay 65 bitcoins to the hackers. Why the council authorized the payment wasn't discussed at the emergency hearing. But the city is hoping to recover municipal files the hackers encrypted during the ransomware attack.
According to The Palm Beach Post, the attack occurred back on May 29 when a police department employee opened an email containing the malicious code. The attack quickly spread to the rest of Riviera Beach's IT systems, taking them all offline.
In response, Riviera Beach has already spent $941,600 in upgrading the city's IT systems, which has involved purchasing 310 desktops and 90 laptops to replace its old legacy hardware. The city, which is home to 35,000 residents, has also been cooperating with law enforcement on the investigation.
Ransomware attacks generally work by encrypting your computer's files and then forcing you to pay up to get them back. However, the FBI recommends against giving into the hackers' demands. One reason why is because you may end up receiving nothing in return. Paying the hackers can also incentivize them to strike again.
In this case, it isn't clear if paying the ransom released the city's data. But a Riviera Beach spokesperson told The New York Times: "We are well on our way to restoring the city system." During Monday's emergency meeting, the city's interim IT manager said that Riviera Beach had already restored the city's website and access to email, along with several finance-related systems.
The incident occurs after the city of Baltimore was also hit with a ransomware attack that shut down local government computers. Since 2013, at least 169 ransomware-related incidents have affected state and local governments, according to the security firm Recorded Future. A common way the attacks can strike is by exploiting unpatched software and using emails containing malicious attachments.