Florida city votes to pay ransom after cyberattack

Kelley Robertson
June 23, 2019

Rose Anne Brown, a city spokeswoman, said on Wednesday that Riviera Beach was working with law enforcement, which does not typically endorse making ransom payments, and with security consultants, who sometimes do as a way for their clients to recoup years of valuable information. She conceded there are no guarantees that once the hackers received the money they will release the records. He is also believed to have stolen $81 million from a Bangladesh bank. At the Monday council meeting, Justin Williams, the city's interim IT manager, noted the city's websites and email had been restored along with the financial systems and software, but several other systems were not yet restored, including back-up systems. On June 4, a week after the attack was initially detected, the city council approved almost $1 million in new IT spending to purchase new equipment, including 310 desktops and 90 laptops, to replace devices affected by the ransomware and upgrade its network architecture.

The Riviera Beach city council voted to let the city's insurer pay 65 bitcoin to get access to city data and computer systems blocked by a cyber attack three weeks ago. He also remains in his home country.

The FBI, Homeland Security and U.S. Secret Service are investigating the Florida attack, according to The Palm Beach Post.

Michigan State University criminal justice professor Tom Holt is cited by the AP as saying that hackers often attack the easiest targets - suggesting that system maintainers often fail to patch and secure just those.

After a city employee clicked on a malicious link in an email, ransomware quickly spread throughout Riviera Beach's computer network, locking it down unless the city paid a 65 bitcoin ransom.

The attack forced the police to write paper tickets for traffic violations instead of entering them into the computer system and printing out a receipt.

However, these figures are likely to be a significant under-estimate, given many attacks won't be reported and the figure for losses doesn't include "lost business, time, wages, files, equipment, or any third party remediation services acquired by a victim". Even when they pay, victims find they can not always recover all of their data, Rebholz said. The hackers often operate from foreign countries, making it very hard for American law enforcement to identify them or take action against them.

Some private WannaCry decryption attempts were successful.

Other reports by

Discuss This Article