Ransomware is malicious software that cybercriminals can use to lock up your computer. It’s a problem if it happens to someone’s personal computer. But if crooks break into a town’s computer system, they can shut down important information like police records and tax payments.
Continue Reading Below
That’s probably why there’s an apparent increase in ransomware attacks targeting municipal government agencies. The cybersecurity firm Recorded Future said that, as of May, more than 170 city, county or state government systems had been attacked since 2013, including at least 45 police and sheriff’s offices.
Ransomware is most frequently spread through malicious links or attachments in emails. Adjusted losses attributed to ransomware rose from $2.3 million in 2017 to $3.6 million in 2018, according to the FBI. But authorities have said they may only be aware of a small fraction of these incidents, as some victims are too embarrassed to report the attacks.
The FBI encourages ransomware victims to not pay the requested ransom, as it encourages the attackers to continue and doesn’t guarantee that they will actually release the encrypted files.
But some local governments, faced with the loss of irreplaceable data, have given in and paid. Here’s a look at some recent ransomware attacks that have hit municipal governments and how much they cost:
Baltimore, Maryland — May 2019
Ransomware hit the city on May 7 and the hackers initially demanded a ransom of $80,000.
Officials have estimated recovering from the attack will cost $18.2 million. The city’s information technology office has spent $4.6 million on recovery efforts since and expect to spend another $5.4 million by the end of the year. Officials said another $8.2 million in revenue was lost or delayed as a result of the attack.
Investigators have also found that more than one group had breached Baltimore’s computer network.
In August, officials voted to transfer $6 million from a fund for parks and public facilities to help cover the costs of the attack. The city council is also considering a contract for cyber liability coverage.
Akron, Ohio — January 2019
A cyberattack forced the city to shut down much of its 311 system at the tail end of a severe snowstorm. Officials said the hackers were demanding a “five-figure sum” of money.
Mayor Dan Horrigan asked Gov. Mike DeWine for help from the Ohio National Guard Cyber Team. The governor approved it, and the state sent eight cybersecurity experts.
Akron didn’t need to pay the ransom because it had daily back-ups of all city files, officials said.
Lincoln County, North Carolina — July-August 2019
The county suffered two cyberattacks last summer. The first came on July 26, and authorities said hackers held the sheriff’s office computers and website hostage.
The second attack came on the night of Aug. 6 and crippled county communications, but officials said they were not made aware of any ransom requests.
The county worked with the FBI and the North Carolina National Guard’s IT disaster relief team to investigate and recover from the attacks. The sheriff’s office has been rebuilding their servers in stages, and the new systems should be safer. They’ve already spent $200,000 to upgrade equipment.
Lake City, Florida — June 2019
A cyberattack disabled the city’s computer systems for days. The town worked with the FBI and outside consultants to restore phone lines, email and utility payments.
The city’s information technology director was fired. City leaders approved paying the hackers 42 bitcoin, worth about $460,000, through its insurance company.
Riviera Beach, Florida — May-June 2019
Hackers apparently got into the city’s computer system when a police department employee clicked on a malicious link in an email. The city lost its email system and 911 dispatchers were unable to enter calls into the computer.
Officials agreed to have the city’s insurer pay 65 bitcoin, worth about $600,000, as it became apparent they wouldn’t be able to regain access to data, which hadn’t been backed up.
The city council also voted to spend $941,000 on hundreds of new computers and other hardware in order to rebuild its IT infrastructure.