Florida Town Lake City Bites the Bitcoin Ransomware Dust; Pays $500,000 in BTC to Hackers
Since Bitcoin launched about a decade ago and eventually became popular, many cybercriminals have pitched their tents with the number one coin and other cryptocurrencies as the preferred way to receive ransoms for their various nefarious activities. Crypto is still the easiest way to transact illegal business on the darkweb and this realization is one of the major reasons why a lot of people and also governments do not support the growth of digital assets. Because cryptocurrency transactions are largely irreversible and mostly untraceable, it is understandable that governments feel stifled when these cybercriminals get away with their shenanigans.
Second Florida State Ransomed
In the wake of recent ransomware attacks, another city in the state of Florida has fallen victim to hackers costing them $500,000 in Bitcoin. About two weeks ago, unknown cybercriminals took down computer systems in Lake City, preventing officials from their daily activities. It is said that IT staff at the office were very quick to notice the attack and proceeded to sever all connections but it was already too late by then. This halted a lot of work as email access became impossible and many of the locals could no longer make online payments.
The mayor of the town, Stephen Witt, expressed surprise when he was apprised of the situation, especially after the hackers reached out to Lake City’s insurer and demanded payment of 42BTC – $500,000. The money was paid because after two weeks, there was no alternative to restoring full access. The mayor spoke to journalists saying:
“I would have never dreamed this could have happened, especially in a small town like this.”
The mayor also explained at the time, that the larger portion of the ransom will be paid by the insurance company but at least $10,000 will have to come from taxpayers.
This isn’t the First Time
Less than a week ago, Riviera Beach – another city in Florida – was also forced to part with $600,000 in Bitcoin, after an attack that also crippled normal city business. The attack was discovered on the 29th of May after an official unknowingly opened an infected email. This was especially worrisome for employees because just about a week before, the council had voted to spend up to $1 million to run several security upgrades for their systems.
For a long time, many cybersecurity experts have constantly been of the opinion that ransoms shouldn’t be paid because it’s impossible to guarantee that complete normalcy will be restored. However, the cost of recovering from an attack like this could be many times the amount of the ransom.
For example, a similar attack took place in Baltimore a few weeks ago. The effects were serious and was said to have affected real estate businesses in the city because they were unable to process payments. This also affected new property buyers because since the settlement wasn’t completed, they couldn’t move into their new homes.
However, in this case, the mayor of Baltimore refused to make the demanded payment of $76,000 in Bitcoin. This refusal proved to be a very expensive one because recovering from such an attack eventually cost the city roughly $18 million.
In Lake City, the City Manager – Joe Helfenberger precluded this by deciding to pay the ransom because the city envisioned the staggering cost of going the Baltimore way.
According to Helfenberger:
“Based on the advice of the vendors, the purchase provided a mechanism to the City to retrieve the City’s files and data, which had been encrypted, and hopefully return the City’s IT system to being fully operational. If this process works it would save the City substantially in both time and money.”
According to the FBI, there were at least 1,493 ransomware attacks in 2018 which saw attackers collecting roughly $3.6 million.