“no explanation of whether the city has any guarantee that the ransomers will release it if paid.”
Probably hold ‘em up for more.
Where did they send the check?
The city already planned to spend $300,000 for equipment replacements in the next budget and will accelerate that expense, Councilwoman Julie Botel said. Much of the existing hardware was a half-dozen years old and vulnerable to another malware attack, so it was time to replace it anyway, she said.
—
None of that will make an ion of difference in a ransomware attack, but the city council and the writer are ignorant of this. Surprised they didn’t blame “Russians”.
These generally do, only because no one else will ever pay a ransom if they don't. That is not to say the victim is going to be left alone afterward. But as Baltimore just found out, it can be many times more expensive to fix if you haven't been doing your IT homework than it is simply to pay the ransom.
Diligent, thorough backups and keeping the patch levels up to date and this doesn't happen. Laziness and lack of professionalism and it does. Choose.
A relative of mine predicted this some time ago.
He said corporations, governments, businesses would rue the day they gave up their control over THEIR OWN data.
Baltimore suffered a ransomware attack a few weeks ago. Far as I know, they never paid the ransom. $70,000. Yea, the price of a new luxury car.
They never got around to installing the patch from Microsoft and it’s cost tens of millions of dollars so far.
They are asking people to estimate their water bills and hand deliver the money to their office. Yea, I’ll get right on that Sparky.
Total gross incompetence at many levels.
I’m sure this reveals my ignorance but I have to ask:
Why are these ransoms paid in Bitcoin? Why do these news articles always say Bitcoin is untraceable? Isn’t everything we do on the internet traceable somehow? Including Bitcoin payments?
Are the people who run Bitcoin completely outside the jurisdiction of any law enforcement anywhere in the world? Even if Bitcoin payments are made anonymously, wouldn’t law enforcement somewhere be able to subpoena records, and drill down and find out who was extracting Ransom?
Pardon my apparent ignorance on the subject, but none of the news stories I’ve heard about various Bitcoin ransoms have ever addressed the questions I’ve just posed here.
Good reason for a small city to go back to paper records or disconnect vital information from the internet.
The taxpayers need to send the bill to the council members and kick them out of office. Then find the evil hackers and hang them on the courthouse square as a lesson to future hackers.
I have begun to wonder if some of these ransom-ware attacks are “inside jobs.”
Specifically - are people with lawful access to the system deliberately clicking on infected emails, and then receiving a share of the ransom?
Or - are people with lawful access creating and implementing the attack and keeping ALL the ransom?
Fire the IT dept. it’s absolute
Incompetence what to have a daily back of all data.
L8r
Riviera Beach, a constant source of corruption.