Lake City , Florida paid out abitcoin ransom money worth $ 460,000to hacker who disabled the city ’s data processor systems with advanced ransomware last month , spicy on the heels of a$600,000 ransompaid out in similar circumstances by Riviera Beach , Florida just calendar week later . Now , as flagged from local medium reportsby ZDnet on Monday , the city has fired its managing director of information technology .
According to WCJB , city manager “ Joe Helfenberg confirmed that the director of information technology , Brian Hawkins , was send away ” as a result of the attack , which hit servers , email networks , and phone lines . Helfenberg “ estimates that the city should make a full retrieval from the attack in about two weeks , ” WCJB wrote .
Lake City officials described the incident as a “ triple threat , ” according to ZDnet , and it has since been determined that an employee downloaded an infected document they had received via e-mail . That pose off a chain of events involve three freestanding malware variance sometimesused in concertin cyber attack . The initial document comport the Emotet trojan horse , which installed itself and subsequently downloaded another trojan called TrickBot and the Ryuk ransomware . Ryuk then fan out throughout metropolis system of rules , locking them down and need a ransom money . Only the law and fire section system were spared as they were on a unlike host , according to the New York Times .
Photo: Wilfredo Lee (AP)
The Times report that after several days of work with the FBI and security measures consultants to decide the issue , metropolis official reluctantly specify that it would be cheap and more efficient to simply pay up off the hack . The city view as the employee in question to have leave alone city networks vulnerable to attack , but he was not the person who download the malicious affixation , the Times added .
Brett Callow , a spokesman with certificate business firm Emsisoft , told Gizmodo via email that there was a “ small chance they may have been able to save half a million bucks , ” as researchers have figured out how to decrypt some version of the ransomware affect . Callow said Emsisoft had succeeder in decrypting Ryuk in “ about 3 – 5 % of cases ” and growing using two free service : a site calledID Ransomwarerun by Emsisoft researcher Michael Gillespie in his excess clock time that identifies malware variants , and decrypting softwareavailable on their website .
Callow also noted that aprior probe by ProPublicashowed that some datum recovery firms promising ransomware solutions finish up just paying the ransom money , adding that “ This really highlights problems that the lack of communication and coordination between the private sector and US law enforcement can potentially make . ” Emsisoft has collaborated closely with the Europol and European Cybercrime Centre , Callow wrote , but its principal technical officer Fabian Wosar severalise ProPublica the FBI had responded with basic questions that showed they were unfamiliar with ransomware on a technological level in one incident , as well as disregard what he tell was a “ very red-hot lead ” on the developer of a ransomware variant bring up ACCDFISA .
“ Our metropolis manager did make a determination to terminate one employee , and he is revamp out whole IT department to follow with what we require to be able to overcome what fall out this last week or so and that ’s so it does n’t happen again , ” Lake City Mayor Stephen Witt said , according to WCJB . He added that the decryption key provided by the hacker appear to be working .
Paying the hacker is controversial because it almost sure enough encourages further attack , whether or not official believe they have little choice in the thing . Sometimes , as come to a similarly afflict Kansas infirmary in 2016 thatchose to pay the ransom , the hackers will only seek to squeeze more payments from the target .
“ First of all , that money is then used to proliferate this activity , ” FBI cyber criminal offense supervisory special agent Joel DeCapuatold security firm Symanteclast year . “ You ’re paying these unfit worker to target other people . Second , organizations that pay a ransom money think their problems are over . But a fortune of time there ’s a mickle of tight malware left on their systems that they do n’t fuck about . you’re able to pay , but there ’s still malware on there , re - infecting the organisation or stealing information . ”
Ransomware attacks on municipal systems have recently made big headlines , with estimates of such incidents in the U.S.running into the 100 . In other June , Baltimore officials recently forecast the monetary value of an attack using the RobbinHood ransomware that hit around 10,000 city computersat $ 18 million and numeration . ( They declined to pay the ransom money . ) Officials with Georgia ’s Judicial Council and Administrative Office of the Courts confirm their systems had been contaminate with ransomware on Monday in what Ars Technica reportedappears to be another Ryuk attack .
Correction / illumination : A prior edition of this article state that the New York Times cited Emsisoft as enunciate that security experts had “ successfully unscrambled Ryuk ransomware in 3 to 5 pct of cases . ” In fact , Emisoft says that number reflects their own succeeder rate . to boot , this clause has been updated with further input from Emsisoft .
[ ZDnet ]
CybersecurityHackersHackingSecurityTechnology
Daily Newsletter
Get the best technical school , science , and culture intelligence in your inbox daily .
News from the time to come , delivered to your present .
You May Also Like
