Would you pay hackers $600K to get your city back?
By Eli Sabatier
Though I rarely write real-time news articles, as a native Floridian I felt a duty and obligation to shed light on an unfortunate—and all too common—situation happening to the town of Riviera Beach. The City, with a population of just over 35,000 people, has agreed to pay $600,000 to the hackers who three weeks ago took the City’s IT infrastructure hostage via ransomware.
And like most instances of ransomware, it was caused by one click on a malicious link sent via email. Shortly after the link was clicked, the malicious code spread through all the City’s systems, rendering a multitude of them inoperable. Aside from email systems being unusable, systems that control water utilities went offline, and even 911 calls were unable to be logged into the appropriate systems.
But this is not where the story ends. Before agreeing to pay the ransom, the city first tried replacing all of the computers to the tune of $941,000. When that strategy failed, the City Council voted to then pay the perpetrators in hopes that the city would be “unlocked” from the malware.
What happens now? Will the hackers actually release the systems? Maybe. Maybe not. Even worse, depending on what type of encryption was in place, the hackers could now have access to files, meaning that a massive data breach may have just occurred. And though that is a risk, to date Forrester Research analysts still claim that paying ransomware demands is a valid option, even though ransomware attempts have increased by 500% this year alone.
So, where does society go from here? If analysts are telling us to pay ransomware demands even though ransomware instances are continuing to climb exponentially, are we as citizens expected to sit back and take it? Absolutely not.
In the case of cybersecurity, we have entered a time in history that calls for due diligence and extreme measures: building walls around our data and our devices, monitoring the cloud and its internet access, and more. In all, it’s about creating a stance that is built around comprehensive cyber resiliency—composed of technology and people.
As it pertains to technology, cybersecurity can no longer be left to IT teams alone. The expertise needed to create and maintain advanced security systems falls outside of their daily job descriptions—and so it should. Security is a highly verticalized speciality, and connecting and continuously monitoring the number of systems involved is a project that requires special skillsets, many hours, and many more people than a single internal team.
But that’s not where it ends. There is also the people part of the equation. Creating human-centric processes, understanding behavior, and ensuring that everyone is educated on the topic of cybersecurity—this alone would have stopped the Florida incident—will mitigate the risk of this happening to your organization.
And, finally, find a partner to help you create the best cybersecurity ecosystem for your organization. The right organization can help create the process, implement the right technology, and ensure that education is at the forefront of any cyber resiliency project.