In brief: Ransomware victims are often advised not to pay money to unlock their files, usually because there’s no guarantee the hackers will oblige. But the council of one Florida city has voted to hand over more than $600,000 in the hope of getting back data that has been encrypted for more than three weeks.
According to The Palm Beach Post, the attack on Riviera Beach, Florida, a small city north of West Palm Beach, was launched on May 29 when a police department employee opened an email attachment containing the ransomware. It spread to other IT systems, locking down the city's website, email server, billing system, and others, even affecting 911 dispatch operations.
On June 3, city officials agreed to spend $941,000 on 310 new desktops and 90 laptops to rebuild its IT systems, but as the original data hadn’t been backed up, a unanimous 5-0 vote took place this week that will see the council’s insurance carrier pay the hackers 65 Bitcoin, around $592,000.
City spokeswoman Rose Anne Brown told the New York Times that Riviera Beach was working with law enforcement and security consultants, and that it is “well on our way to restoring the city system.”
We’ve seen numerous US cities hit with ransomware attacks in recent times. Jackson County paid hackers $400,000 to regain access to its systems back in March, and the attack on Baltimore, which didn’t pay the $76,000 ransom, still cost the city $18 million in damages. We’ve also seen instances in Albany, San Diego, and Sarasota, along with those on several hospitals.