Ransomware attacks have become a worryingly common threat against public systems including schools and local governments as hackers hold critical data and services hostage for massive ransoms. Major cities like Baltimore and Atlanta have been crippled by such attacks in recent years, and officials have warned that attacks are a disturbing trend that governments must prepare for. Here are some cities that were crippled by ransomware attacks, and what their responses could mean for future stikes. Visit Business Insider's homepage for more stories.
As more of our everyday lives move online, the risks of hackers compromising personal information and shutting down necessary resources are only increasing. There were at least 104 ransomware attacks against administrative systems in schools and governments over the course of 2019, according to cybersecurity company Recorded Future. Ransomware attacks cripple a network's key services and functions as a hacker requests a massive ransom while holding government or school's data hostage. On October 2, the FBI issued a high-impact cyber-attack warning in response to increasing attacks on state and local government targets, including that threats faced governments in addition to health care organizations, industrial companies, and transportation entities. Here's how some cities handled the attacks, and what their responses could mean for future stikes. Atlanta, Georgia
An attack that struck the Georgia city's computer networks in March 2018 shuttered municipal courts and left residents unable to access services like its traffic tickets or water bill payment systems. The attackers demanded the government pay $51,000 in Bitcoin to unlock the government's encrypted systems, which officials denied they were planning on paying. Though the government denied paying the ransom, the city was hit with massive costs immediately after the attack, the city deployed several contracts with crisis communications and security agencies totaling $2.7 million. After recovery efforts across the government were rolled out over the course of one year and cost taxpayers around a reported $17 million, the city repeatedly said it did not pay the money demanded by the attackers. In November, two Iranian citizens were charged for the attack, as it was revealed the hackers were involved in a nationwide scheme to attack networks of small governments and other public systems. Baltimore, Maryland
On May 7, 2019, a ransomware attack struck the city and froze thousands of government computers, in addition to crippling dozens of other citizen services. The hackers demanded a ransom of approximately $80,000 worth of Bitcoin, which the government refused to pay, instead voting in August to take $6 million from parks and public facilities funding to help pay for "cyber attack remediation and hardening of the environment." After the Atlanta attack, the crippling of Baltimore's network marked the second significant shutdown of services in a major American city in the span of one year. St. Lucie, Florida
On December 17 2019, the St. Lucie County Sheriff's office was knocked offline, shutting down the sheriff's office email server and the fingerprinting and background check systems. Much of the office moved to paper record-keeping as the FBI stepped in to help get the networks back online. New Bedford, Massachusetts
The city of New Bedford was attacked on July 4, 2019, but the city had a stroke of luck as only 4% of government computers were online during the holiday. The hackers demanded a massive ransom of $5.3 million. The city instead offered a payment of $400,000 of insurance money. The negotiation tactic reportedly furthered the city's timeline for investigating and recovering the lost data, and officials later announced that insurance money would cover recouping the systems. New Orleans, Louisiana
The city declared a state of emergency and launched an investigation after the police department noticed strange activity on some of its computers around 5 a.m. on December 13, 2019, and had disconnected most of its computers and taken down the city's website by 11 a.m. to insulate department data. The Associated Press reports that the city's government was uniquely poised to respond to network outages because of systems in place for hurricane responses. The attack came after a larger one that targeted the state of Louisiana one month earlier, and after Louisiana school district computers issued the same response to an attempted hack in July. Greenville, North Carolina
A ransomware attack in April 2019 infected the majority of the city's 800 computers and locked all of the city's files after ransomware was first noticed on a police department computer. It took agents from the FBI, National Guard, North Carolina Department of Information Technology, and North Carolina Emergency Management to investigate and recoup from the attack. Within two weeks, the town was on the way to repair from its brush with the ransomware variant "RobbinHood" as officials publicly refused to pay the demanded ransom and got the city site back up by themselves. The attack was just one in an alarming trend spotted in the state, as by the end of August, Carolina's News & Observer reported that the North Carolina Department of Information Technology said more ransomware attacks were reported that year than all of 2018. Pensacola, Florida
A December 7, 2019 cyberattack crippled the city's network, which shut down the telephone systems, internet servers, and online payment systems at Pensacola's sanitation and energy departments. The hackers who claimed to be behind the attack demanded a ransom of $1 million, which the city never confirmed it paid. The Pensacola News Journal reported that the city employed Deloitte on a $140,000 consulting contract to investigate the circumstances around the attack and subsequent response. Wilmer, Texas
Wilmer, a town of just under 4,000 people in north Texas, was struck in August 2019 by a ransomware attack suspected to have originated in China or Russia that took its municipal computers offline. The town was one of the most badly hit areas as 22 other state and local governments in Texas were targeted on the same day, which triggered a "Level 2 Escalated Response," the second-highest possible emergency response level. Hackers who claimed responsibility for the attacks demanded a total $2.5 million ransom. Lubbock County issued a quick response, taking their own files offline and preventing hundreds of thousands of dollars in recovery efforts, according to the Wall Street Journal. Other governments refused to pay and worked in conjunction with the Texas Department of Informational Resources, but services like 911 and online payments took weeks to recover as officials turned to handwritten records.
More like this (1)
Sources: two US data recovery firms touting hi-tech solutions for unlocking data after ransomware attacks instead just paid the ransom and charged victims extra (ProPublica)
ProPublica: Sources: two US data recovery firms touting hi-tech solutions for unlocking data after ransomware attacks...ProPublica: Sources: two US data recovery firms touting hi-tech solutions for unlocking data after ransomware attacks instead just paid the ransom and charged victims extra — Firms That Promised High-Tech Ransomware Solutions Almost Always Just Pay the Hackers — As ransomware attacks crippled businesses …