Ransomware payoff – cities pay up instead of shaping up

The small city of Riviera Beach, Florida, has made the decision to give in to the ransomware and pay out 65 Bitcoin – about $600,000 – to get their computer data back.

While the move might make restarting the city’s computers a little easier, it also sends the bad guys a really clear signal – small cities together with small or medium sized businesses are really a target-rich environment.

It started with a click

The saga started as with most ransomware events – someone clicked on a link in an email. With Riviera Beach, this meant that simple computer use was messed up, 911 calls were not recorded correctly, and the water utility systems went offline. Faced with a demand for a $600,000 ransom, the city initially decided to simply buy new computers for $941,000. Since then, they’ve reconsidered and voted to just pay out the ransom. And it seems that an insurance policy will pay for about half of this.

The good, the bad, and the ugly responses to ransomware

This – and two other recent ransomware cases – highlight the good, bad, and the ugly ways to handle this sort of situation.

The Good – and it is NOT the city of Riviera Beach. It is Norsk Hydro, the global aluminum processor. While knocked offline this March and with some production and logistics taking a hit, the company has gotten favorable reviews for both its quick response and its disaster planning made beforehand.

The Bad – Riviera Beach takes the award for this. Sure, they will (probably) get back online more quickly, but it is still not sure that they will manage to get back the missing data. They have just incentivized the bad guys to do advanced research on small municipalities and construct targeted phishing emails. It also is not clear if the city is doing any planning to prevent this type of event from happening again.

The Ugly – The City of Baltimore is believed is expected to lose over $18 million as a result of the May attack of the RobbinHood ransomware. The city refused to pay a ransom of 13 bitcoin (around $76,000) to unlock the impacted computers and allow users to regain access to their files. While the city reportedly had some backups, they lacked a disaster recovery plan. More than a month afterwards, city operations are still not totally functionally.

Was it an immoral choice?

Ransomware involves choices – and non of them particularly pleasant. The FBI recommends never paying the ransom. Forresters says that paying might be “a valid recovery option.” And it seems that Baltimore really did not know what to do.  What do you think you will do — if or when a ransomware demand hits?

Time for a forward-looking personal choice

Whether a city, business, or an individual, ransomware demands people make some choices. Here are four choices you should be making:

  1. Back up your data regularly — Yes, you need to store your information on a drive that’s not connected to your PC or network. What’s not on your device or reachable via your network is out of reach from the bad guys.
  2. Update and patch your systems — The bad guys count on finding devices with outdated software they can exploit. Patching these vulnerabilities reduces the odds of having your device infected. Enable automatic updates if possible or use a Software Updater  to do the work for you.
  3. Use an antivirus software and a firewall — It’s useful to have both  a security software and a firewall to identify and help shut out the bad guys
  4. Train yourself to be skeptical — Security starts with the individual. Train yourself – and those around you – to not click on questionable links or suspicious attachments.

 

As a PR Consultant and journalist, Frink has covered IT security issues for a number of security software firms, as well as provided reviews and insight on the beer and automotive industries (but usually not at the same time). Otherwise, he’s known for making a great bowl of popcorn and extraordinary messes in a kitchen.