Riviera Beach, a Florida city of 35,000 people, suffered a ransomware attack nearly three weeks ago. On Monday (June 17th), the city council voted unanimously to pay the $600,000 ransom demanded to receive the decryption key.
Riviera Beach Ransomware Attack
On May 29th, a police department employee opened an email attachment containing malware. The ransomware quickly spread throughout the city’s IT systems, taking them all offline. The ransomware attack rendered city employees unable to access their emails, emergency dispatches couldn’t log calls into computers, and workers and vendors had to be paid with paper checks. City police officers were even found digging through closets to find paper traffic citations.
“Hackers have been able to encrypt systems and encrypt data that are essentially critical to the city,” said Charles Carmakal, Chief Technology Officer of the cybersecurity services firm FireEye Mandiant. “If people call 911 and can’t get ahold of them, it could potentially kill people.”
With this and several other factors in mind, the city council finally elected to pay the 65 Bitcoin ransom. While the $600,000 tab will be picked up by the city’s insurance carrier, Riviera Beach has already spent nearly $1 million on upgrading the city’s IT systems, which involved purchasing 310 desktops and 90 laptops to replace its old legacy software.
When deciding to pay the ransom, there is certainly no guarantee that the hackers will produce the decryption key. However, city spokesperson Rose Anne Brown, said they are relying on their consultant’s advice.
Cities Hit by Ransomware Attacks
Riviera Beach joins a growing list of cities to become victims of a ransomware attack. In May, Baltimore declined to pay hackers $76,000 after its systems were attacked. Today, Baltimore is still trying to recover, and this past week Governor Larry Hogan appointed Maryland’s first statewide chief information security officer to help protect against future attacks.
Over the last year, two Iranians were arrested by the U.S. government after allegedly launching the ransomware attacks that hit the cities of Atlanta and Newark. Those hackers, through over 200 other ransomware attacks, collected more than $6 million in ransom and caused an estimated $30 million in damage to IT systems.
How Do Cities Respond to Ransomware Threats?
The problems cities such as Riviera Beach and even large cities such as Atlanta and Baltimore face are cybersecurity requires proper budgeting, planning, and time. However, hackers evolve and don’t work on budgetary cycles.
“The attackers are obviously advancing at their own pace – they don’t work on annual budget cycles,” commented Jake Williams, founder, and president of cybersecurity firm Rendition Infosec.
With limited budgets, it’s extremely difficult for any city, regardless of its size, to properly protect itself against evolving threats. Cybersecurity measures that were effective in 2018 probably aren’t effective today. However, WatchPoint has a cost-friendly and effective way to prevent your city from becoming the next victim of a ransomware attack.
CryptoStopper, developed by WatchPoint, automatically detects and stops actively running ransomware infections and alerts you to the attack. Click here to learn more about how CryptoStopper and WatchPoint can save your business or city government today!