On May 29, the city experienced “a data security event” when a police department employee opened an allegedly infected email attachment, which eventually resulted in the online system breakdown. The hackers allegedly encrypted government records, blocking access to critical information and leaving the city without an ability to accept utility payments other than in person or by regular mail.
A city spokeswoman, Rose Anne Brown said that the city had to spend over $900,000 on new computer software that had been planned for next year. Following the event, the city council unanimously agreed to pay 65 BTC ($592,000 at press time) to restore access to the data and get their systems back online, although there is purportedly no guarantee that the hackers will release the data upon receiving payment.
Michael van Zwieten, director of technology services at the Florida League of Cities, said:
“All cities, whether large or small, are by nature very cost-conscious when it comes to budgeting for technology investments. The mid- to small-sized cities are especially strained when it comes to finding the necessary resources to keep their technology current. There are only a finite amount of dollars that can be divvied up within the city to fund the services its citizens are expecting.”
In May, the city of Baltimore experienced a similar hacker attack, wherein cybercriminals allegedly took over roughly 10,000 government computers and paralyzed the work of the local utility system using a ransomware called RobbinHood. The hackers demanded nearly $100,000 worth of BTC to release the back up. The hackers threatened to increase the ransom in the event of not paying in four days.
In response, Baltimore Mayor Jack Young said that the city officials are “well into the restorative process” and “engaged leading industry cybersecurity experts who are on-site 27-7 working with us.”
As recently reported, blockchain intelligence firm Chainalysis claimed that 64% of ransomware attack cash-out strategies involve the laundering of funds via cryptocurrency exchanges. Among other ransomware cash-out strategies analyzed, 12% involved mixing services and 6% involved peer-to-peer networks, while others went via merchant services providers or dark web marketplaces. 9% of ransomware proceeds reportedly remain unspent.