Florida City Pays $600,000 Ransom to Hackers for Keys to Unlock Encrypted Files

A ransomware attack on the city of Riviera Beach in Florida has paralyzed the city’s computer system for more than 3 weeks and has caused widespread disruption.

The attack started on May 29 with a single email. A member of the Riviera Beach police department received an email with an infected email attachment. When the attachment was opened, ransomware was deployed.

The attack took down the city’s online services and computer systems. Water utility pumping stations were affected and the email and phone system were taken out of action. While vendor and payroll payments were unaffected, all online services were crippled.

Even though the city has just 35,000 residents and is far smaller than several other cities that have recently been attacked, the ransom demand was considerably higher than previous attacks.

Riviera Beach received a demand for payment of 65 Bitcoin, approximately $592,000, for the keys to unlock the encryption. The city council agreed to pay the ransom even though there was no guarantee that the hackers would make good on their promise and supply the keys to unlock the encrypted files. In addition to the ransom payment, the city has spent more than $900,000 on new computer hardware. The hardware upgrade had already been planned to take place next year, but was brought forward as a result of the ransomware attack.

The city does have a cyber insurance policy which will help to cover the cost of recovery but it is only expected to pay for a third of the cost of remediating the attack. The remainder must come out of the city’s coffers.

According to Riviera Beach spokesperson, Rose Anne Brown, the city is now on its way to restoring its computer systems.

While the ransom payment was high, it is still considerably less than the cost of recovery without paying the ransom. In 2018, the City of Atlanta was attacked with ransomware and the cost of recovery was in excess of $17 million. This year’s attack on the City of Baltimore is estimated to have cost $18 million to resolve.

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of NetSec.news