- Joined
- Apr 18, 2013
- Messages
- 94,358
- Reaction score
- 82,750
- Location
- Barsoom
- Gender
- Male
- Political Leaning
- Independent
6/20/19
A saga that began with a municipal employee opening a corrupted email has forced a small Florida city to take the extraordinary step of agreeing to pay nearly $600,000 to the hackers who paralyzed their computer systems. With Riviera Beach’s records held hostage, its city council voted unanimously to pay 65 bitcoin to the hackers — a tab that will be picked up by the city’s insurance carrier. For the past three weeks, city employees have not been able to access their emails, emergency dispatchers couldn’t log calls into computers, and workers and vendors had to be paid with paper checks. Even cops had to dig through closets at the police headquarters to find paper traffic citations, the Palm Beach Post reported. Though city spokeswoman Rose Anne Brown told the Associated Press there is no guarantee the city’s records will be returned after the hackers collect, outside security consultants said paying the ransom was the best course of action. The culprits insisted that the ransom be paid in bitcoin, a cryptocurrency that is difficult to trace.
Before the city council approved the ransom payment, it decided to spend nearly $1 million on new computers, hardware and other system upgrades. In May, Baltimore said it would not pay hackers $76,000 after its systems were attacked. The city is still trying to recover, and this week Gov. Larry Hogan (R) appointed Maryland’s first statewide chief information security officer to help guard against cyber threats. Two Iranians were indicted by the U.S. government last year after allegedly launching more than 200 ransomware attacks, including those that hit the cities of Atlanta and Newark. Those hackers collected more than $6 million in ransom and caused $30 million in damage to computer systems, authorities say. The FBI did not immediately respond to a request for comment on the Riviera Beach hacking. But the agency told the AP that 1,493 ransomware attacks were reported in 2018. Victims, including individuals, paid $3.6 million to hackers — an average of $2,400 per hit.
Yeah, if they don't have backups to restore from, then they were badly mismanaging their information before the hackers wandered in. That's IT 101 since forever.
Or it was an inside job, and they intentionally corrupted the backups.
Florida city will pay hackers $600,000 to get its computer systems back
Riviera Beach’s records have been held hostage for three weeks.
Now why wouldn't/couldn't the DHS and US Cyber Command work on this? Was only the Master File Table encrypted? All files? A hard drive file wipe?
I know Ukraine was hit hard by Russian (Sandworm group) ransomware in 2017. Most systems were back up and running after two weeks without paying the ransom.
Of course, this is probably a different animal. So far this is costing $1,600,000 in new computers and bitcoin ransom not to mention to hassles involved.
Florida city will pay hackers $600,000 to get its computer systems back
Riviera Beach’s records have been held hostage for three weeks.
Now why wouldn't/couldn't the DHS and US Cyber Command work on this? Was only the Master File Table encrypted? All files? A hard drive file wipe?
I can't answer your questions. But I'd say I'd like to see an actual law forbidding governments from paying ransoms. If potential hostage takers and cyber terrorists know that it's not just unlikely, but legally impossible, that their demands will be met, they won't bother.
Well, ransomware extortionists seem to appreciate that logic and mainly squeeze businesses. A business is much more likely to pay and keep quiet about it than a government entity would be so inclined.
It would be possible to pass a law forbidding private businesses from paying them, too. When you think about it, it's interesting that it's illegal for a business to pay off a corrupt foreign official who demands a bribe in order to expedite a permit, for example, since that would be incentivizing criminal conduct by government officials, yet for some reason it's perfectly legal for a business to pay off a ransomware crook or kidnapper.
When dealing with cyber crimes, legislation lags behind.
Yeah, if they don't have backups to restore from, then they were badly mismanaging their information before the hackers wandered in. That's IT 101 since forever.
Or it was an inside job, and they intentionally corrupted the backups.
I'd bet anything that they never backed up a single thing.
I'd bet Baltimore never did either.
I'd bet both places will SAY that they backed up their stuff but when it comes down to the truth...NOPE.
And by "backup" I mean daily OFF SITE backups to a protected server designed solely for that purpose, an off site mirror.
I don't mean just shunting an image over to another PC in the same building and on the same network.
Doubtless. I'll guess further they have pristine billing records for their backup services.
I know some pretty lazy IT people. But it gets deeper than that. I also know a few IT people who aren't the least bit lazy, but they're hamstrung. They'd like to do the right thing but the place they work is a Catch-22 situation, so what they wind up having to do isn't recommended but it's not their call.
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?
We use cookies and similar technologies for the following purposes:
Do you accept cookies and these technologies?