Ransomware Goes Public: Cities Pay Over $1 Million to Get Their Data Back
July 16, 2019 | Marc S. Ullman |In the second and third week of June, the municipalities of Lake City, and Riviera Beach, Fla., agreed to pay a combined total of over $1 million to cyber criminals claiming responsibility for shutting down municipal computer systems necessary to the operation of crucial municipal functions.
The Riviera Beach attack was traced to an email sent to a police department employee, who opened an infected email attachment. Most of the city’s online systems (including email, some telephones, water pumping stations and credit card processing) were shut down. In order to regain access to the locked systems, the city has agreed to pay nearly $600,000 to the hackers claiming responsibility. This cost will be borne by taxpayers as this type of attack was not covered by any insurance policy in place at the time.
Lake City paid $460,000 to hackers claiming responsibility for ransomware that had shut down the city’s email servers along with systems running its 911 service and the municipal payment system. As in the Riviera Beach attack, the malware was downloaded when an employee clicked on a link in an infected email. Unlike Riviera Beach, Lake City had insurance coverage and was directly responsible for only a $10,000 deductible.
Baltimore, Atlanta and smaller municipalities in North Carolina, California and Ohio have all recently acknowledged being subjected to ransomware attacks and suffering varying amounts of fiscal damage. Hospital systems and private businesses remain popular targets for this kind of attack as well.
Robust offsite backup systems, employee training and discipline, along with a rapid-response protocol, are defenses that any business or municipality should be implementing to reduce the risk of a successful attack on their systems. At the same time, it is imperative to review existing insurance policies to make sure that they provide fulsome cyber coverage and to obtain coverage where gaps are identified. For an article on cyber insurance, click here.
