La Porte County in Indiana Dishes Out $130,000 in Bitcoin Ransomware Attack
It's starting to seem like there’s no end to hack attacks on the horizon. All technology can be tweaked and manipulated to enable cybercriminals to carry out the illicit activity and what better way is there for them to receive their ransoms than to use untraceable, irrevocable cryptocurrency? 2019 has seen its fair share of hack attacks, crippling the central offices of certain municipalities and cities, demanding fat ransoms and leaving those who don’t pay to suffer dearly. Now, Indiana’s La Porte County has joined the growing list of cities in the U.S. which have suffered these attacks in recent times.
2019’s 87th Annual Meeting of the United States Conference of Mayors took place in Honolulu. At the conference, a resolution kicking against the decision for attacked cities to pay ransoms was reached. Regardless, the government of La Porte County has paid about $130,000 in Bitcoin, as ransom to hackers who attacked their systems and denied them access by encrypting their files The figure is approximately 11.6 BTC at this time and just like other cases, most of it will be paid by the city’s insurance provider while the government itself will pay only about $30,000.
Even the FBI Couldn’t Help
As much as the FBI is disinclined to paying hackers any ransoms, the Bureau was of no help to the municipality. The attack happened on the 6th of July resulting in incomplete restrictions on the entire network including emails and its website. When the attack occurred, the head of the La Porte County turned to the FBI for help but later discovered that the FBI couldn’t help the situation as their own decryption software failed. This is particularly interesting because the FBI’s position is as follows:
“The FBI does not encourage paying a ransom to criminal actors. Paying a ransom may embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware and/or may fund illicit activities. More importantly, paying the ransom does not guarantee that a victim’s files will be recovered.”
Even though this is a fair position for the Bureau to have, it becomes a little disheartening for a victim if they cannot help victims, leaving them to eventually dance to the hackers’ tunes.
It was later discovered by malware support service Coveware, that the virus was the Ryuk ransomware, which is the third-largest ransomware by market share only after Dharma and GandCrab. Recently, GandCrab announced that it would be shutting down operations.
Could La Porte Have Done Anything Differently?
As earlier suggested, this isn’t the first time a municipality would be attacked. Riviera Beach City in Florida had to pay 65 Bitcoins to hackers after they successfully crippled business. After this, Lake City, another city in Florida, had to pay 42 BTC (about $500,000 at the time) to hackers following the same pattern after their own networks were also disabled.
The problem with refusing to pay ransoms is usually the cost implications of recovering all infected systems and networks. Most of the time, the cost of the ransom is next to nothing compared to the cost of doing your own recovery.
Baltimore City, sometime in May, was the target of hackers who crippled their networks and demanded payment of 13 Bitcoins, approximately $76,000 at the time. The Mayor of Baltimore refused to dance to the hackers’ tune and pay the ransom. This decision is great in the grand scheme of things but apart from the daily loss of revenue the city suffered, it was estimated that a full restoration of the affected networks would cost the City well more than $10 million.
Sometime in 2018, Atlanta also reportedly refused to pay hackers a $50,000 ransom and instead chose to spend over $2.7 million to recover affected systems.
Because of the cost implications, it’s not hard to see why paying the ransom might be a lot easier than trying to restore normalcy on their own terms. However, there also is the worry, as highlighted by the FBI, that payments embolden hackers. The only real solution is to put in more than enough safeguards to ensure that these things don’t happen in the first place.