On Monday, June 10th, Florida’s Lake City was hit with a malware attack known as a ‘Triple Threat’. This type of ransomware program uses a mix of three different methods that attack network systems. While the Lake City IT staff disconnected the computers within minutes of the attack happening, it was still too late.
The attack left staff locked out of their email accounts while members of the public were unable to make their municipal payment online.
Lake City swiftly implemented the use of paper receipts for utility and water payments as well as of hand-written building permits. City Manager Joe Helfenberger assured the residents in the aftermath of the attack that the IT staff was working non-stop to recover lost data but, by the looks of it, they could only do so much.
Lake City’s insurer was contacted by the hackers, who demanded a random payment of 42 bitcoins, which translates toughly into $500,000. After a few difficult weeks of switching to paper, the city eventually announced that it will give in to the demands of the hackers.
Thankfully, insurance will cover most of the random but the extra $10,000 will be supported by the taxpayers.
This is not the first city in the U.S to suffer from a ransomware attack recently – it’s actually the second one in Florida.
Last week, Riviera Beach, a suburb of Palm Beach, found itself in a similar situation when a cyberattack forced city workers to turn to paper for the tasks they would have normally accomplished in a few seconds or minutes on their computers.
Riviera Beach too, agreed to pay the ransom.
The city of Baltimore was also hit a while ago and, so far, the city has refused to pay the hackers, in spite of the mounting costs the attack has incurred.
Back in 2018, a remote Alaskan city called Matanuska-Susitna was also locked out of its own infrastructure when malware started to spread across its computer networks, disrupting a large number of services, even local libraries and animal shelters.
City staff switched to mobile phones and temporary email services and resorted to using typewriters for the next two months and the incident ended up costing the city over $2 million.
It’s still unknown who attacked the small city, who is affectionately known in Alaska and by its inhabitants as Mat-Su, but the city none the less recovered, thanks to a dedicated team that combed through all the data and brought it back to its feet.
“Ransomware is the canary in the coal mine,” cybersecurity expert Kevin Beaumont told BBC, arguing that everyone who runs an organization needs to get better at IT security. “Organisations are financing their attackers to be better than them – and sooner or later that situation may snowball for everybody else trying to defend their networks.”
Both the FBI and cyber-security experts have always advised the victims of malware attacks not to pay ransoms, as there is absolutely no guarantee that the hackers will restore the computer systems to their previous state, if at all.
However, the costs of dealing with and subsequently recovering from such an attack, as proved by Baltimore and many others, are often even higher.