Two Florida Cities Forced to Pay $1.1M Ransom to Hackers
By R.J. Johnson - @rickerthewriter
June 27, 2019
For the second time in a week, a Florida city has paid out a digital ransom to hackers in an effort to regain control over their crippled municipal computer systems.
Lake City Mayor Stephen Witt said his small city located in northern Florida agreed to pay hackers a $460,000 ransom in an effort to regain control over their email and other servers, which were shutdown by the attack two weeks ago.
"I would've never dreamed this could've happened, especially in a small town like this," Witt told Action News Jax.
The 'Ransomware' attack on the Lake City computer systems locked city workers out of their email accounts and make it impossible for residents to make any city payments online. Hackers managed to infect the city's systems after a city employee clicked an email link that allowed the malware be introduced into their system. Lake City's town's insurer was contacted by the hackers who negotiated the ransom payment of 42 bitcoins (or around $460,000). Officials decided the ransom was the quickest way for city employees to regain access to their email accounts.
Witt said it wasn't an easy decision to pay off the hackers' demands, but said insurance should cover the majority of the payment, except $10,000. Taxpayers would have to also pay higher insurance rates.
Lake City isn't the only Florida town having trouble with bad actors online. Last week, city officials in Riviera Beach voted unanimously to pay hackers $600,000 in bitcoin after their city's records were encrypted by a separate ransomware attack. The Riviera Beach ransomware attack went after several critical systems, including the city's 911 dispatchers being unable to enter calls into their computer. The city previously authorized spending more than $1 million to replace their computer systems after it was attacked in May.
Ransomware is a type of malicious software (or malware) that encrypts a computer's contents, preventing the owner from reopening their files without the use of a key. The malware is generally spread through phishing emails, or by people unknowingly visiting an infected website.
"Anyone with important data stored on their computer or network is at risk, including government or law enforcement agencies and healthcare systems or other critical infrastructure entities," the U.S. Department of Homeland Security warns on its website. "Recovery can be a difficult process that may require the services of a reputable data recovery specialist, and some victims pay to recover their files. However, there is no guarantee that individuals will recover their files if they pay the ransom."