A city in Florida has been the target of a massive cyberattack that disabled many of the municipality’s systems, forcing city leaders to pay off a hefty ransom to free the computers.
Ransomware crippled the systems of Lake City in North Florida on June 10. While the city’s IT staff managed to disconnect the impacted systems within minutes of detecting the attack, the ransomware managed to infect nearly all of the city’s systems. Fortunately, the city’s police and fire departments were unaffected by the tack, since they ran on a separate network.
However, the attack left Lake City’s systems disabled for almost two weeks. During this time, city staff worked with the FBI and an outside security consultant to restore capabilities such as phone lines, email, and online utility payments.
A week after the infection, hackers reached out to the city’s insurance provider – the League of Cities – demanding a ransom payment of 42 bitcoins.
Earlier this week, city officials held an emergency meeting and ultimately chose to pay the ransom demand, which is worth about $460,000. New York Times reported that the city’s insurance paid for most of the ransom, with Lake City paying only $10,000.
“With your heart, you really don’t want to pay these guys,” said Mayor Stephen Witt. “But, dollars and cents, representing the citizens, that was the right thing to do.”
Lake City is the second city to agree to a ransom in two weeks. Riviera Beach in Palm Beach County had previously paid $600,000 in bitcoin to its attackers. A third Florida city, Key Biscayne, recently reported that it too had suffered a cyberattack; it has yet to be determined if the attackers will demand a ransom.