Last month, the city of Riviera Beach, Florida, was crippled by a ransomware attack that led to it paying a hefty sum to recover government systems.
A city spokesperson confirmed earlier this month that the government had voted unanimously to pay the ransom on top of the costs of attempting to fix and replace the computers that were compromised in the cyberattack.
Just days later, it happened again: another Florida city, Lake City, confirmed to reporters that it had been compromised by a ransomware attack and agreed to pay the ransom to regain control.
“I would’ve never dreamed this could’ve happened, especially in a small down like this,” Lake City Mayor Stephen Witt told local CBS News reporters at the time.
Unfortunately, researchers warn, cyberattacks on local governments are probably going to be an increasingly common occurrence — and taking the stance of “it won’t happen to me” could be a costly one.
“Americans are getting their identities stolen every two seconds. We’re at war and don’t realize it. They attack every industry you can think of,” said Ron Bush, an information security consultant, in a recent interview with NWI.com.
Ransomware attacks are on the rise within local and state governments, he added, leading to revived debate about how to handle such a scenario.
The latest cases of two Florida cities paying the money to regain their systems has raised controversy over what to do in the case of a ransomware attack. The Federal Bureau of Investigation’s official position on the matter is to not pay the ransom. However, as NWI.com reported, experts agree that often paying the ransom is often less expensive than replacing systems and starting from scratch. The downside, however, is that attackers may sell stolen data on the dark web and, once a ransom is paid, those hackers may demand payment again later, Bush warned.
“It’s a cost-benefit analysis,” explained Sera Solutions Founder and Owner Seth L. Spencer in an interview with the publication. “When you pay, the files are decrypted in nearly 100 percent of the cases because it’s automated when the payment is received. When you’re a government or hospital and held up so you have to ease operations, paying tens of thousands of dollars might make sense. What’s the alternative?”
Below, PYMNTS examines some of the latest data behind the rise in government bodies being targeted in cyber and ransomware attacks — and the price tags with which these attacks come.
65 Bitcoin, or about $600,000: the cost of regaining data for the city of Riviera Beach when it decided to pay the ransom. As reports in WPTV noted, the vote to pay the ransom followed a previous agreement reached to spend about $1 million to replace compromised computer equipment.
$460,000: the price tag for the Florida city of Lake City to regain control of its data and systems after its ransomware attack. According to the city’s mayor, Stephen Witt, the insurance the city has will cover “all of it except $10,000,” a cost he added will be passed onto taxpayers in the form of higher insurance rates, reports said.
$132,000: the value of Bitcoin that LaPorte County paid to ransomware attackers earlier this month. The Indiana county, 65 miles from Chicago, was hit by the Ryuk virus in what appears to be a growing trend: cyber attackers targeting small government entities that often lack sophisticated cybersecurity measures and often run on outdated software, according to Keeper Security Founder and CEO Darren Guccione in a recent interview with WGNTV.
20+ municipalities, cities, counties and state governments have fallen victim to some type of cyberattack so far this year, according to Recorded Future data. Keeper Security’s Guccione told WGNTV that nearly one-quarter of cities and counties in the U.S. are fending off a cyberattack on their networks once an hour.
30 years have passed since the first recorded ransomware incident, Recorded Future said in its report published in May. The modern version of ransomware, in which attackers demand payment in bitcoin, first emerged in 2013. As analysts noted, local governments being targeted by ransomware attacks is nothing new: They were among the crime’s first targets. However, Record Future warned, these attacks appear to be growing: in 2016, researchers confirmed 46 attacks on local and state governments. Last year, that figure hit 53.