Florida Today succumbs in the hands of hackers, as they pay nearly $600,000 as a ransom to liberate their computer systems and other vital information. The problem has taken its toll on its government employees and has delayed all government transactions.
Riviera Beach, 80 miles from Miami, is a small city in Florida with just about 35,000 residents. The city was the latest victim to ransomware led by anonymous hackers which the city first noticed on May 29 after a police department employee opened an infected email attachment, The Palm Beach Post reported.
Hackers used the email to gain access and trigger simultaneous attacks across various government systems that resulted in crashing and rendering them useless. It included all the city’s online systems, emails, some phones, water utility pump stations, and even the city’s 911 system.
“Ransomware is commonly delivered through phishing emails or via ‘drive-by downloads,'” according to the U.S. Department of Homeland Security. “Phishing emails often appear as though they have been sent from a legitimate organization or someone known to the victim and entice the user to click on a malicious link or open a malicious attachment.”
Florida state officials said that the hackers demanded payment of 65 bitcoins—a hard to track and fluctuating cryptocurrency—that amounted to $592,000, which officials said will be paid through Riviera Beach’s insurance.
In a time when productivity is equated to technological capacity, cities are easily crippled when they are held hostage by malicious software. The city said that utility payments could not be accepted other than in person or by snail mail — and even then, only by check or cash. Meanwhile, the local police and fire departments had to write down the hundreds of daily 911 calls on paper.
Ransomware is a cyberattack similar to a hostage-taking situation where hackers get hold of possible sensitive information stored in computer systems by encrypting them with malicious software. Hackers then have the power over said information by having the access key to decrypt the computer system.
Similar to hostage-taking situations, however, the results of every negotiation can be tricky as leverage is placed far greater on the attacker. Especially when you cannot talk or see the person you are negotiating with directly. Particularly, even though Riviera Beach had paid the ransom, it’s is still uncertain whether or not the city will gain back access to the stolen computer systems.
Rose Anne Brown, a city spokeswoman, said on Wednesday that Riviera Beach was working with law enforcement and security consultants in making sure that the ransom will not go to waste. “We are well on our way to restoring the city system,” Brown said.
From another perspective, the city paying $600,000 was a better option compared to the costs of rebuilding and restoring the stolen computer systems.
Atlanta, which was also a victim of ransomware last year, estimated that recovering from an attack could cost $17 million. Baltimore this year also paid up to $18 million in damages.
Ransomware attacks have grown in recent years and have significantly focused on government systems. Hackers are taking advantage of the fact that all government transactions are mainly done through the aid of its computer systems; taking them as hostage leaves governments vulnerable.
Furthermore, chief information officers for local governments across the country said in a 2016 survey that more than a third of them were using outdated technology, which is another green light for hackers to attack.
Cybersecurity firm Recorded Future found that at least 170 county, city or state government systems have been attacked since 2013, including at least 45 police and sheriff’s offices.
Earlier this year, Baltimore faced a second ransomware attack that held its voice mail, email, parking fines database, and a system used to pay water bills, property taxes, and vehicle citations. This follows after the attack from barely a year before that affected the city’s phone system that shut down its automated dispatches for 911 and 311 calls.
The Baltimore Sun reported that it got hold of a copy of the ransom note left on a Baltimore City computer. It told that the ransomware variant was identified as RobbinHood, a new form ransomware attack we know little about.
Moreover, the note demanded payment of 3 Bitcoins in exchange for freeing the city’s systems which were then equivalent to about $17,600 per system or 13 Bitcoins totaling to $76,280.
Governments will still be vulnerable to hacker attacks unless improvements and more security measures will be put in place to defend itself from malicious software.