Why it matters: It was only last week when a Florida city agreed to pay hackers $600,000 to unlock the ransomware that had encrypted its files. Now, a second city in the state has done the same thing.
Lake City, which is located in Northern Florida, found its systems infected with ransomware two weeks ago. IT staff reportedly tried to stop the attack within 10 minutes of it starting by disconnecting affected computers, but it was already too late. Workers were locked out of their email accounts, and the 65,000 residents have been unable to pay municipal bills online, or apply for building permits. Police and Fire departments were unaffected as they run on separate networks
"The biggest concern for the public at this moment is the lack of email communication, and we hope to have alternate email contacts available shortly," said city manager Joe Helfenberger, in a statement.
A week after the systems were infected, hackers contacted the League of Cities, Lake City’s insurance provider. A payment of 42 bitcoins, or around $500,000 was negotiated to unlock the systems. While most experts recommend not paying ransoms as there’s no guarantee the criminals will hand over the decryption key, the insurer agreed to the terms because it was the most efficient way of resolving the situation. While insurance covered most of the ransom, $10,000 is coming from taxpayers.
Last week brought news that Riveria Beach in Florida would be paying $600,000 to hackers in the hope of retrieving its systems, which have been locked for more than three weeks after being hit with ransomware.
Ransomware attacks on state and local governments are on the rise, with at least 170 being targeted since 2013, according to a Recorded Future report. With cities handing over so much cash, expect this trend to continue.