Florida city pays $600,000 to resolve ransomware attack

Riviera Beach in Florida pays hackers ransom to release city

Three weeks ago, the small Florida city of Riviera Beach suffered a debilitating cyber-attack. Hackers infected the municipality’s systems with ransomware through a simple phishing scam. As a result, the local government’s files were encrypted, its email system was shut down, and its emergency dispatch system was disrupted.

Defying the recommendation of federal law enforcement, the Riviera Beach City Council paid the $600,000 ransom.

Cyber-Attack Details

The New York Times reports the Palm Beach suburb’s problems began on May 29. On that day, a Riviera Beach police officer opened a seemingly innocuous email attachment at his workstation. In reality, it contained a malicious program that uploaded ransomware across the city’s local network. Once active, the hacker’s malware encrypted the city’s files and shut down its intranet. As a result, 911 dispatchers were unable to log calls, and citizens were unable to pay their utility bills.

The hackers that compromised the city systems demanded 65 Bitcoins ($606,450) to undo the effects of their attack. Riviera Beach officials contacted the Federal Bureau of Investigation and a private cybersecurity consultant. The firm advised city leadership to pay up. As reported by the Associated Press, rogue operators usually unencrypt civic data after receiving payment.

The FBI told the City Council to refuse the ransom demands. The agency offers the same recommendation to all municipalities that suffer cyber-attacks. However, in this instance, the local leaders decided to take their consultant’s advice. The Riviera Beach City Council unanimously voted to pay the ransom which will be covered by the city’s insurance. The group also voted to move up a 2020 initiative to spend $1 million upgrading the municipality’s computer hardware.

As of this writing, the unidentified hackers who perpetrated the Riviera Beach attack have not released the city’s digital infrastructure. Additionally, it’s unknown which digital tools the operators used to facilitate their attack.

A Growing Problem

The federal government’s hard-line stance has proven costly for multiple cities across America. In early 2018, Atlanta suffered a debilitating ransomware attack. The city’s officials didn’t play ball and enlisted the FBI, the Department of Homeland Security, and private consultants to repair their compromised systems. Ultimately, Atlanta had to pay $17 million to fix its digital infrastructure.

In early May, hackers launched a ransomware attack against the city of Baltimore. To restore access to municipal systems, the group demanded $100,000 in Bitcoin. Although the hackers involved used the National Security Agency’s powerful EternalBlue tool, the city’s leaders refused to pay the ransom. The New York Times reports Baltimore spent $18 million to undo the effects of the hack.

Late last month, rogue operators hit Philadelphia with a malware attack that shut down its court system. The extent of the damage incurred is as yet unknown.

Cybersecurity firm Recorded Future found municipal ransomware attacks are becoming increasingly prevalent. It noted 21 public sector ransomware attacks occurred in the first four months of 2019. The group only documented 53 such attacks in all of 2018.

Hackers are targeting civic digital infrastructures because they lack the robust security of private enterprises and federal government installations. Indeed, a 2016 survey of local government chief information officers found one-third of their systems are outdated. Furthermore, less than half reported holding cybersecurity insurance.