The trend of hitting local municipalities with ransomware attacks has continued this summer, along with increased monetary demands. In a recent attack, a small city outside of Jacksonville, Florida had its computers totally disabled when a hacker infiltrated its system and demanded bitcoin in exchange for the city’s data. For several days, the city attempted to resolve the issue without paying by working with the FBI and a security consultant. While these attempts may have eventually been successful, the city ultimately determined that paying the hackers $460,000 would likely be the cheapest option available. This payment comes shortly on the heels of another Florida municipality paying $600,000 for a similar breach.
As smaller municipalities and corporations increasingly become targets for cyberattacks, they face the difficult choice between paying a ransom and hoping the hackers release their data, or refusing to pay and potentially losing sensitive or critical data. For instance, in this case the small town was unable to collect utility payments during the hack and did have insurance coverage that would pay most of the ransom, and the municipality determined that it had to pay off the criminals.
There are ways to lessen risks from cyberattacks, and avoid such no-win decisions. All entities, small and large, should make multiple backup copies of important data, including offsite data. Cyber insurance coverage and breach response plans are also vital to prepare for and limit the impact caused by breaches. Investing the time and effort now to prepare for a ransomware attack may prevent or minimize what could otherwise be a devastating event.