A second small city in Florida has agreed to pay hundreds of thousands of dollars in ransom to cybercriminals who disabled its computer system.
Days after ransomware crippled the city of about 12,000 residents, officials of Lake City agreed this week to meet the hackers’ ransom demand: 42 Bitcoin or about $460,000.
Last week, River Bench, in Palm Beach County, paid $600,000 in Bitcoin to retrieve its data. In both cases, most of the money will be paid by insurance companies.
On Thursday, Key Biscayne, a third Florida city, said it too had been targeted by a cyberattack. But city officials said it had managed to restore most of its computer systems by late Wednesday.
Ransomware, a type of malicious software designed to deny access to a computer system or data until a ransom is paid, is becoming an epidemic in the public sector.
The cybersecurity firm Recorded Future reported in May that 170 city, county or state government systems have been attacked since 2013.
Ransomware attacks are not limited to small cities. Baltimore, a city of more than 600,000, has been fighting a cyber breach since May. The city refused to pay the $80,000 ransom that the hackers demanded. Instead, it has spent $18 million on data recovery.
Similarly, the city of Atlanta spent nearly $17 million after it was targeted in March 2018.
In November, the FBI indicted two Iranian men in a computer hacking and extortion scheme that targeted cities like Atlanta and Newark, N.J., in addition to the Port of San Diego, the Colorado Department of Transportation and six health care-related organizations. The estimated losses added up to more than $30 million.
One of the largest ransomware attacks was WannaCry, which encrypted hundreds of thousands of computers in more than 150 countries in a matter of hours. It was the first time that ransomware had spread across the world in what looked like a coordinated cyberattack.
The British national health care system was especially hard hit by WannaCry, which caused thousands of hospitals to go offline. The attack also affected government systems, railway networks and private companies.
It was eventually traced to a group of hackers working for North Korea who used stolen highly classified hacking tools developed by the U.S. National Security Agency.