City Manager Of Lodi City Of California Confirms Being Hit By Bitcoin Ransomware Attack
It has become increasingly evident that targeted ransomware attacks on local US government entities are on the rise, costing localities millions as some pay off the perpetrators in an effort to untangle themselves and restore vital systems.
The latest major city to be hit in Baltimore, which was infected with ransomware Tuesday. It has quarantined its networks and been forced to provide most of its municipal services manually. Now, Lodi City in California also faced the same fate.
The malware was disguised as an attachment as an invoice in an Email. As soon as an official clicked on the malware, the software was spread to the entire city’s computer system. Steve Schwabauer, the city’s manager said:
“The ransom demanded 75 Bitcoins (approximately $400,000 at the time of the inquiry) be paid to restore our systems. We did not pay the ransom. Instead, we rebuilt our systems from our back-ups.”
Cyber experts acted swiftly and luckily no public information was compromised. Schwabauer added:
“We did not come forward with this information because we were following the advice of legal counsel. To say anything more would be a violation of attorney-client privilege.”
Organizations continue to struggle to track the evolving patterns of cyberattacks which makes it extremely difficult for them to defend themselves. Despite the use of the word “targeted,” it does not appear that these are targeted attacks in the traditional sense.
These attacks tend to be more targets of opportunity. Even groups like the teams behind Ryuk and SamSam appear to stumble into these targets. However, once these groups do realize they are in a state or local government target, they take advantage of the fact by targeting the most sensitive or valuable data to encrypt.
However, global malware volume is down 20%. Researchers have found that there is a 15% increase in ransomware attacks globally and a 195% surge in ransomware within the United Kingdom.