Submitted via IRC for Bytram
A tale of two cities: Why ransomware will just get worse
Earlier this week, the city of Riviera Beach, Florida, faced a $600,000 demand from ransomware operators in order to regain access to the city's data. The ransom was an order of magnitude larger than the ransom demanded by the attackers that struck Baltimore's city government in May. Against the advice of the Federal Bureau of Investigation, however, the Riviera Beach city council voted to pay the ransom—more than $300,000 of it covered by the city's insurance policy.
Baltimore had refused to pay $76,000 worth of Bitcoin despite facing an estimated ransomware cost of more than $18 million, of which $8 million was from lost or deferred revenue. Baltimore lacked cyber insurance to cover those costs.
Riviera Beach is much smaller than Baltimore—with an IT department of 10 people, according to the city's most recent budget, and an annual budget of $2.5 million to support a total city government of 550 employees. (Baltimore has about 50 IT staffers supporting more than 13,000 employees by comparison.) It's not a surprise that Riviera Beach's leadership decided to pay, given that a full incident response and recovery would have likely cost two to three times what they've agreed to pay the ransomware operators, and half of that price tag is covered by insurance. So, Riviera Beach's decision to pay looks like the easiest way out. It's a decision that has been made by many local governmental organizations and businesses alike over the past few years.
Except, it probably isn't an easy way forward. Riviera Beach will still face the costs of fixing the security issues exploited by a phishing email opened by a police department employee. There's no guarantee that data was not stolen from the network, as apparently happened in Baltimore. And the paying of the ransom indicates the city doesn't have an effective disaster recovery plan. Without major upgrades, Riviera Beach could soon end up in the crosshairs of another ransomware attack—especially now that they've shown they'll pay.
Both the Riviera Beach and Baltimore ransomware attacks, along with the half-dozen known recent ransomware attacks against local governments, are indicative of just how unprepared many governments (and businesses) are for ransomware. Over the past few years, ransomware has exploded: data from the FBI shows that another organization is hit by ransomware every 14 seconds, on average. And this trend shows no signs of slowing—in fact, a new trend of targeted ransomware, seeking even bigger payouts, is emerging, in which more sophisticated organizations go specifically after businesses and other organizations more likely to pay out.
(Score: 0) by Anonymous Coward on Saturday June 22 2019, @05:59PM
They will all just be transferred to a new division of the code enforcement office.