Two municipalities were hit by ransomware last month and forced to pay approximately $600,000 each to regain access to city email and computer systems. One city, Riviera Beach, Florida, has roughly the same size population as the Kirkwood-Des Peres area where our offices are located. For three weeks, Riviera Beach’s email and computer systems, were crippled by what is dubbed “Triple Threat”. Systems included those at City Hall, City Port as well as those that control city finances, water pump stations, testing systems and more.
This latest high-profile instance of ransomware displays how easily someone can hijack your business or city. Officials say the infection started when a city worker clicked on a link in a malicious email. Because of one erroneous click, staff couldn’t work for 3 weeks, a small city is out $600,000 and most of the city operations came to a screeching halt.
More than 50 cities across the United States, large and small, have been hit by ransomware attacks during the past two years. Among them: Atlanta; Baltimore; Albany, N.Y.; Greenville, N.C.; Imperial County, Calif.; Cleveland, Ohio; Augusta, Maine; and more. The Atlanta hit cost the city an astounding 17 million dollars.
The other city most recently affected was Lake City, Florida where authorities also say an employee opened an infected email. Although their IT staff disconnected devices within just 10 minutes of the attack, it was too late. Thankfully, in this case, the police and fire departments operated on a different server, so they were unaffected. Because of the city’s insurance policy, most of the payment was covered although a portion was paid with taxpayer dollars.
Typically, experts advise organizations not to pay ransom but, in some cases, a target may not have a choice. Paying the bad actors encourages more instances of crime and doesn’t necessarily guarantee getting files back. The best defense for a municipality is to have robust up-to-date backups of all important and required data. Also, consistently educating employees on the ever-changing dangers of cybercrime is of utmost importance.
The Miller Group has provided extensive backup and disaster recovery solutions for cities and businesses across the St. Louis region. We also work with our clients to continuously educate staff about how to spot cybercrime before it’s too late. Often an employee is the weakest link when an entity is hit with ransomware, but it doesn’t have to be that way. For more information on our security and recovery service visit here.