Hackers launching ransomware attacks against Florida municipalities blocked earnings in excess of $1 million this month as two city administrators found no alternative way to retrieve files on affected systems.
After a ransomware attack-called “Triple Threat” because the three compromise methods were mixed-on June 10 the City of Lake City computers ceased to work as malware encrypted data on them.
Fast reactions do not prevent infection
The attackers demanded a restitution of 42 Bitcoins that is over $530,000 worth today, to provide the decryption keys to restore the data.
Disconnecting the systems affected minutes after the infection did not prevent malware from affecting most landline phones and email systems, which forced employees to continue using pen and paper.
Emergency services were unaffected, as were those used by the police and fire departments, because they were located on a separate network.
“Our systems are shut down, but there is no evidence to indicate any sensitive data has been compromised. All customer service payment data, such as credit card data, is stored off-site by third-party vendors and would not have been accessed by an attack like this on our network,” said City Information Technology Director Brian Hawkins.
With no proper backup to restore data, Lake City had no choice but to pay the ransom; on Tuesday they shipped the Bitcoins to the hackers. Mayor Stephen Witt said after talking to the FBI and the insurance company in the city, the administration took this decision.
Witt says that the majority of the money is insured to save $10,000, which citizens will support by paying a higher insurance rate in the future.
Another city of Florida agreed to pay the ransom
Riviera Beach City also gave up a ransomware demand in Florida last week after data on their computers were locked up in an incident on May 29.
Payment of hackers was unanimously voted by the City Council because the administration had no other option than lack of proper backup procedures.
The attackers requested 65 bitcoins, which at the time of the decision was approximately $600,000.
The decision came after the town approved expenditure of almost $1 million on new computers and hardware to help reconstruct the IT network.
Both occurred because a malware employee opened a malicious email and backup policies and systems, if available, were not working properly.
In total, the hackers behind these two attacks collected 107 bitcoins worth approximately $1.36 million at present.
Security and law enforcement experts do not encourage hackers to pay for ransomware-affected parties. This only encourages them to start more attacks and there is no guarantee that the decryption key will actually be delivered.