For the second time in a week, a Florida town has been forced to pay a ransom to hackers in order to regain control of government computer systems.
It's reported that Lake City, a town located in the north of the state, has paid out almost $500,000 in bitcoin after a ransomware attack brought down most of the town's municipal email systems and landline phones.
It comes just one week after officials in Riviera Beach, a town in the south of the state, were forced to pay out $600,000 to regain control of their hacked systems.
Lake City's municipal systems had been down since 10 June after falling foul of a malware attack known as 'Tripple threat' - a ransomware program that combines three different methods of attack to target network systems.
Lake City mayor Stephen Witt told CBS on Tuesday: "I would've never dreamed this could've happened, especially in a small town like this."
Although Lake City has yet to say how the ransomware was spread to its systems, the attack on Riviera Beach was reportedly the result of an employee opening a malicious email attachment, according to the New York Times.
The virus took down all of Riviera Beach's online systems, including email and some phones, as well as water utility pump stations.
"Anything that was done online, we did not have access to," city spokeswoman Rose Anne Brown told the newspaper.
Andrea Carcano, CPO of Nozomi Networks, said the two attacks were "a testament to the growing use of ransomware attacks to target US cities".
"This is a scary reminder of the damage cybercriminals can inflict when they target critical infrastructure and government services," she said. "However, by agreeing to pay the ransom both councils are only fuelling the profitability of the ransomware industry for attackers."
In 2018, a ransomware attack on Alaskan borough Matanuska-Susitna was so severe that one of its offices had to resort to using typewriters while its systems were repaired. In May, the city of Baltimore lost control of its public services for more than two weeks after a ransomware attack crippled its government's computer systems.
Unlike Lake City and Riveria Beach, however, Baltimore officials refused to pay out. On that occasion, hackers had demanded 13 bitcoins, valued at just under $100,000 at the time, but city officials were advised by the FBI not to give funds to the hackers.
According to the Baltimore Sun, the recovery operations cost Baltimore approximately $18.2 million.
-
RSAC Conference 2025: The front line of cyber innovationITPro Podcast Ransomware, quantum computing, and an unsurprising focus on AI were highlights of this year's event
-
Anthropic CEO Dario Amodei thinks we're burying our heads in the sand on AI job lossesNews With AI set to hit entry-level jobs especially, some industry execs say clear warning signs are being ignored
-
LockBit data dump reveals a treasure trove of intel on the notorious hacker groupNews An analysis of May's SQL database dump shows how much LockBit was really making
-
‘I take pleasure in thinking I can rid society of at least some of them’: A cyber vigilante is dumping information on notorious ransomware criminals – and security experts say police will be keeping close tabsNews An anonymous whistleblower has released large amounts of data allegedly linked to the ransomware gangs
-
It's been a bad week for ransomware operatorsNews A host of ransomware strains have been neutralized, servers seized, and key players indicted
-
Everything we know about the Peter Green Chilled cyber attackNews A ransomware attack on the chilled food distributor highlights the supply chain risks within the retail sector
-
Scattered Spider: Who are the alleged hackers behind the M&S cyber attack?News The Scattered Spider group has been highly active in recent years
-
Ransomware attacks are rising — but quiet payouts could mean there's more than actually reported
News Ransomware attacks continue to climb, but they may be even higher than official figures show as companies choose to quietly pay to make such incidents go away.
-
Cleo attack victim list grows as Hertz confirms customer data stolen – and security experts say it won't be the lastNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
‘Phishing kits are a force multiplier': Cheap cyber crime kits can be bought on the dark web for less than $25 – and experts warn it’s lowering the barrier of entry for amateur hackersNews Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
