US city votes to pay ransomware demand

(Image credit: Pixabay)

A city in Florida is giving in to a ransomware demand in hopes of getting its data back, despite cybersecurity experts’ usual advice never to do so.

After Riviera Beach’s city network got infested with ransomware, and all of its data locked behind an encryption key, the city’s council voted to give into the demand and pay the hackers $600,000 worth of bitcoin.

This is obviously a highly risky move because they can never know for certain if paying the ransom will actually get their data back. The city’s expenses will be covered by its insurance provider, if that’s any consolation.

It all started when an employee with the police opened an email with a malicious payload. The payload launched the ransomware, locking down files across the city’s network. Employees have had to be paid via checks, and 911 dispatchers couldn’t enter calls into their system, Engadget reports. The service was still fully operational, despite the difficulties.

This is not the first time Riviera Beach has had to pay up extra cash to sort out a cybersecurity incident. Late last month, it spent almost $1 million to replace most of its hardware, after a hostile takeover.

Cybersecurity experts usually warn businesses and public sector organisations against paying ransom. Baltimore listened to such advice, when it was recently targeted by ransomware and asked for $76,000. It ended up paying more than $18 million in various damages to get things up and running again.

Image Credit: Pixabay