Skip to main content
close search
site logo
Dive Brief

Florida city agrees to pay hackers $600K after malware attack

Published June 21, 2019
By
Jason Plautz Contributor
Max Pixel

Dive Brief:

  • The Riviera Beach, FL City Council voted unanimously to pay a $600,000 ransom demand to hackers who had frozen its computer system, according to the Associated Press and other reports.
  • In the malware attack three weeks ago, hackers encrypted city records, disabled email systems and caused problems with digital payroll and 911 systems. It appears a city employee clicked on an email link that uploaded malware into the system.
  • A city spokeswoman told the AP that paying the ransom was recommended by outside consultants, even though there is no guarantee the hackers will release city records. The council also voted to spend nearly $1 million to upgrade computer systems after the attack.

Dive Insight:

Cities have increasingly faced cyberattacks, with hackers freezing systems and demanding ransom.

This is the latest in a string of cyberattacks that have frozen city systems. Baltimore recently refused to pay a $76,000 ransom to stop a malware attack, and similar cybercrimes have targeted AtlantaAllentown, PA and Medford, OR. Hackers have also targeted hospitals and transportation hubs like the Port of San Diego.

According to the Palm Beach Post, the Florida village Palm Springs paid an undisclosed ransom in response to a 2018 attack, but still lost two years of data. The FBI’s website says it "doesn’t support" paying ransom to hackers, despite some cities' decisions to do so.

In Riviera Beach, the city council approved payment of 65 bitcoins, with a value of approximately $592,000, from the city insurer and an additional $25,000 from the city budget. Cryptocurrency is preferred by hackers because it is hard to track.

The hacks make it clear many cities are unprepared for cybersecurity threats; a 2018 Deloitte-NASCIO survey found that nearly half of states do not have a separate cybersecurity budget line and most allocate less than 3% of their IT budgets to cyberthreat preparation.

Experts caution that Riviera Beach's decision may set a tough precedent for cities, as they can become attractive targets if hackers know they can get a ransom.

Cesar Cerrudo, chief technology of IOActive and founder of the Securing Smart Cities initiative, said in a statement that criminals see targeting city technology as "a good business opportunity," especially with a lack of investment in cyber security knowledge.

"Compromising the right city systems allows attackers to get good money as governments' bad security practices force them to pay cyber criminals to get their city systems back to work," Cerrudo said.

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release
How Local Governments Can Leverage Smart City Indicators to Enhance Urban Competitiveness
From Market Intelligence & Consulting Institute(MIC)
November 20, 2024

Want to share a company announcement with your peers?

Get started

Editors' picks
Latest in Tech & Data
Industry Dive is an Informa TechTarget business.
© 2024 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.