- The Riviera Beach, FL City Council voted unanimously to pay a $600,000 ransom demand to hackers who had frozen its computer system, according to the Associated Press and other reports.
- In the malware attack three weeks ago, hackers encrypted city records, disabled email systems and caused problems with digital payroll and 911 systems. It appears a city employee clicked on an email link that uploaded malware into the system.
- A city spokeswoman told the AP that paying the ransom was recommended by outside consultants, even though there is no guarantee the hackers will release city records. The council also voted to spend nearly $1 million to upgrade computer systems after the attack.
Cities have increasingly faced cyberattacks, with hackers freezing systems and demanding ransom.
This is the latest in a string of cyberattacks that have frozen city systems. Baltimore recently refused to pay a $76,000 ransom to stop a malware attack, and similar cybercrimes have targeted Atlanta, Allentown, PA and Medford, OR. Hackers have also targeted hospitals and transportation hubs like the Port of San Diego.
According to the Palm Beach Post, the Florida village Palm Springs paid an undisclosed ransom in response to a 2018 attack, but still lost two years of data. The FBI’s website says it "doesn’t support" paying ransom to hackers, despite some cities' decisions to do so.
In Riviera Beach, the city council approved payment of 65 bitcoins, with a value of approximately $592,000, from the city insurer and an additional $25,000 from the city budget. Cryptocurrency is preferred by hackers because it is hard to track.
The hacks make it clear many cities are unprepared for cybersecurity threats; a 2018 Deloitte-NASCIO survey found that nearly half of states do not have a separate cybersecurity budget line and most allocate less than 3% of their IT budgets to cyberthreat preparation.
Experts caution that Riviera Beach's decision may set a tough precedent for cities, as they can become attractive targets if hackers know they can get a ransom.
Cesar Cerrudo, chief technology of IOActive and founder of the Securing Smart Cities initiative, said in a statement that criminals see targeting city technology as "a good business opportunity," especially with a lack of investment in cyber security knowledge.
"Compromising the right city systems allows attackers to get good money as governments' bad security practices force them to pay cyber criminals to get their city systems back to work," Cerrudo said.