The mayor of Lake City told CBS 47 Action News Jax on Tuesday that the small city in northern Florida would give the hackers $460,000 to hand back control of email and other servers seized two weeks ago.
“I would’ve never dreamed this could’ve happened, especially in a small town like this,” Lake City Mayor Stephen Witt told Action News Jax.
The CBS News affiliate said the ransomware attack froze city workers out of their email accounts and made it impossible for members of the community to pay city bills online.
Witt told Action News Jax that it was a difficult decision to accept the hackers’ demands, but noted the city’s “insurance will cover all of it except $10,000,” which he said taxpayers would have to stump up in the form of higher insurance rates down the road.
The Lake City decision came a week after the city council in Riviera Beach voted unanimously to pay hackers $600,000, believing the Palm Beach suburb had no choice if it wanted to retrieve its records, which the hackers had encrypted. The council already voted to spend almost $1 million in spending on new computers and hardware after hackers captured the city’s system in May.
As in Lake City, the hackers apparently got into the city’s system when an employee clicked on an email link that allowed them to upload malware. Riviera Beach had numerous problems, including losing its email system and 911 dispatchers not being able to enter calls into the computer.
According to the U.S. Department of Homeland Security, ransomware is the fastest growing malware threat, targeting both individuals and organizations. In 2018, the massive “SamSam” virus disrupted the flight information system, baggage displays and email at Cleveland Hopkins International Airport, while another attack crippled computers at the Port of San Diego.
City governments in Atlanta, Newark, N.J., and Sarasota, Fla., also have been hit by ransomware schemes. And hackers have taken the information systems of dozens of U.S. hospitals hostage.
“Ransomware is commonly delivered through phishing emails or via ‘drive-by downloads,'” according to Homeland Security. “Phishing emails often appear as though they have been sent from a legitimate organization or someone known to the victim and entice the user to click on a malicious link or open a malicious attachment.”