As the city of Knoxville quietly deals with a ransomware attack that has hampered some of the city’s online services and has made police cruiser computers obsolete, Knox News has focused attention at what other cities have done to give a sort of playbook for the city.
What we found is what you might expect: Some cities have paid the ransom, and some have refused to pay. Either way, it's expensive.
Ransomware attacks hold organizations' websites or internal systems hostage until a fee is paid.
Paid up
Paying the ransom is highly discouraged, according to industry leaders and law enforcement. Making the payment emboldens hackers and doesn’t ensure data will return to you or that the hackers won't be able to worm their way into the system and do it again.
Still, some cities find their situations too dire or feel insulated by an insurance policy and opt to pay anyways. The level of attack severity varies from place to place, too. One city may be entirely crippled by an attack while another sees the attack as an annoyance.
More: Does Knoxville's cyber insurance help or hurt as it fights a ransomware attack?
Knoxville's strategy is unknown and the city has consistently refused to answer questions about the attack. David Brace, chief operations officer and deputy to Mayor Indya Kincannon, previously told The Compass the city has “data-recovery insurance,” but not specific ransomware insurance which he said is “incredibly expensive.”
If the city chose to pay the ransom, it would look something like the following:
Earlier this month the City Council in Florence, Alabama, voted unanimously to use money from the city’s insurance fund to pay nearly $300,000 in ransomware payments, according to local reports.
“We’re having to approach it from the standpoint that we’re going to have to assume — we know they have some of our information, we don’t know that they have our critical information, frankly don’t think they do but we don’t know,” Mayor Steve Holt said at the time.
Last year, the city of Cartersville, Georgia, did the same, agreeing to pay $380,000 in non-tradable Bitcoins and another $7,755 for transaction fees and negotiators, according to the local newspaper, The Daily Tribune.
The money came out of the city’s property and casualty insurance and was much less than the $2.8 million the hackers originally demanded, the report stated.
Similarly, Lake City, Florida, paid hackers roughly $480,000 last year after many of the city’s systems were determined to be unrecoverable by back channel means, according to reports. Again, like elsewhere, the city had an insurance policy with a deductible that was only a few thousand dollars.
Atlanta’s 2018 ransomware attack is widely considered one of the worst in recent years and though officials claimed to not have paid the roughly $50,000 ransom, after federal authorities charged two Iranian citizens with the attack, the Atlanta Journal Constitution reported the claim is unlikely as the federal indictment references payments being made.
Overall, Atlanta’s attack was expected to cost taxpayers some $17 million.
Didn’t pay
Officials in New Bedford, Massachusetts, fell victim to a ransomware attack last summer and the hackers demanded bitcoin payment equal to $5.3 million, according to a local report. The hackers denied the city’s counter-offer of $400,000, money that came from insurance coverage.
Rather than offer more, the city opted to recover its data on its own, a move that would have cost in the hundreds of thousands but was covered by insurance.
New Bedford Mayor Jon Mitchell told Forbes the move doesn’t always work, but despite some additional IT staffing costs it did in this case.
Mecklenburg County, North Carolina -- whose county seat is Charlotte -- refused to pay a $23,000 ransom for locked files in 2017, according to reports. It took months for the system to completely recover, but unlike some places, the damage was minimal and the county only ended up paying some $10,000 in damages and overtime costs.
Earlier this month, Knox News reported on similar ransomware attacks in Collierville and Johnson City. Neither municipality paid the ransom.
Still, it was a costly ordeal. Johnson City purchased new software to help shore up security and opted to replace about 350 compromised computers for nearly $400,000.
Similar outcomes occurred in other cities like Baltimore, whose mayor refused to pay the roughly $76,000 ransom when the city was slammed with a ransomware attack last year. The city’s budget office has since estimated the attack will cost at least $18.2 million – a combination of lost or delayed revenue and direct costs to restore systems.
Not so fast
Sometimes municipalities jump the gun, giving the “all clear” before the total impact of the attack has been realized.
In a ransomware attack earlier this year in Torrance, California, the city originally stated “public personal data has not been impacted,” only to have to say nearly two months later that hackers stole a huge trove of computer files containing sensitive personal information of employees and others.
Knoxville leaders have already had to walk back one statement.
Hours after the attack, city officials met with reporters and said things were under control and police and fire response was not hampered. However, soon after that conversation Knoxville Police announced officers would not respond to car crashes unless they involved injury or a disabled vehicle blocking traffic because they can’t access their electronic reporting system. That is still the case.
On the day the attack was found David Brace, chief operations officer and deputy to Mayor Indya Kincannon, said the city’s initial assessment indicated that no financial or personal information had been compromised. The city said it does not store credit card information used to make payments. Online reservations for city facilities are not believed to be at risk, either.
The city has continually refused to answer questions about the attack, including whether there is new information that would indicate personal or financial records were stolen.
Email Tyler Whetstone at tyler.whetstone@knoxnews.com and follow him on Twitter @tyler_whetstone. If you enjoy Tyler's coverage, support strong local journalism by subscribing.
"expensive" - Google News
June 24, 2020 at 04:10PM
https://ift.tt/3hZqdMc
Should Knoxville pay ransom to get files back, yes or no? Either way, it's expensive - Knoxville News Sentinel
"expensive" - Google News
https://ift.tt/2GwwnlN
Shoes Man Tutorial
Pos News Update
Meme Update
Korean Entertainment News
Japan News Update
Bagikan Berita Ini
0 Response to "Should Knoxville pay ransom to get files back, yes or no? Either way, it's expensive - Knoxville News Sentinel"
Post a Comment