UPDATED 21:50 EDT / JUNE 26 2019

SECURITY

In a disturbing trend, another Florida city votes for ransomware payment

“Florida man” has become such a popular meme that it has a Wikipedia page, but it may have a new contender in the form of “Florida city” after yet another one has decided to pay hackers following a ransomware attack.

Following in the footstep of Riviera Beach June 20, Lake City council voted Monday to pay a 42-bitcoin ($550,000) ransom to gain a promised decryption key that will allow it once again to access its data.

Lake City was inflicted with ransomware on June 10 in an alleged “Triple Threat” attack. If the description is accurate, the attack on Lake City may have also been rare as it wasn’t simply a ransomware attack alone. A Triple Threat attack includes the Emotet and TrickBot banking trojan viruses with Ryuk ransomware, with a goal to steal sensitive information, encrypt computers and ransom victims’ data.

Why hackers would find the data stored by Lake City, population 12,046, interesting is the missing piece in this story.

The only positive for Lake City taxpayers is that the decision only cost them $10,000 since insurance covered the rest of the ransomware payout.

Lake City’s decision to pay the hackers behind their ransomware attack has not been well-received in the cybersecurity community because ultimately every time a government or private organization pays the ransom, it emboldens those behind the attacks to try for more.

Shlomie Liberow, technical program manager at HackerOne Inc., told SiliconANGLE that paying the ransom often seems like the only way to fix the problem, sinces operations can be halted or slowed for months while security teams work to recover the systems.

“However, paying the ransom only encourages cybercriminals, proving their tactics work and leading to further attacks,” he said. That’s why hospitals, councils and other critical services are top targets, since “they cannot afford to take the financial and timely hit that comes from a ransomware attack.”

Ilia Kolochenko, founder and chief executive officer of security testing firm ImmuniWeb, agreed.

“Until today, based on our experience, ransomware against such vulnerable classes of victims were either unsystematic or of relatively poor quality,” Kolochenko said. “However, with such lucrative and easy stakes on the table, cybercriminals will now willingly invest to prepare sophisticated, hardly detectable and well-targeted campaigns. It’s a paradise for black hats.”

Photo: Michael Rivera/Wikimedia Commons

Since you’re here …

… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.

Cookies

We employ the use of cookies. Find out more.