Ransomware gang demanded ransom of $5.3 Million but offered $400,000 from City of New Bedford
After executing the cyber attack that has disabled several New Bedford city computers, the hackers behind this incident has demanded ransom amount of $5.3 million for decryption key, so as to unlock the files encrypted in this cyber attack.
This incident occurred in early July, however the nature and details of this cyber attack were only revealed on Sep. 4, 2019, when Jon Mitchell, the New Bedford Mayor, spoke about this attack in a press conference.
According to the New Bedford Mayor, the ransomware has hit the IT network of New Bedford city between Jul. 4 and Jul. 5 night. During that night, a hackers group has breached IT network of the New Bedford city and then installed a ransomware type called Ryuk. This Ryuk ransomware is known for using as financial extortion purposes.
Mayor Mitchell said that this Ryuk ransomware has spread through New Bedford city's network and encrypted the data that was stored on 158 workstations, accounting for 4% of city's total PC fleet, thus blocking officials of the city from accessing them. As the attack happened during night, many city systems have been turned off; and so the ransomware did not infect the whole network.
The IT staff of the city discovered the ransomware on the next day after coming for work. They immediately disconnected infected computers from city's network, and thus able to contain this infection before it may cause even more damage.
"While the attack was still underway, the city, through its consultants, reached out to the attacker, which had provided an email address," said Mayor Mitchell on Sep. 4, 2019, in the press conference. He added that the hacker group demanded a ransom amount in Bitcoin equaling $5.3 million for decryption key.
Even after knowing that they could not pay the demanded ransom amount, Mayor Mitchell said that the city has decided to continue talking with hackers, so the IT staff can get more time for bolstering the city's defenses as well as protect their network in case the attackers might take other actions, apart from just running ransomware.
The city has also made counteroffer of $400,000, which was approximately the value that other municipalities paid recently as ransoms. The attackers declined $400,000 offer, and so the city has decided to restore their data from the back-ups.
MIS department of New Bedford has completely rebuilt server network, restored applications, as well as replaced the affected workstations. Insurance company of New Bedford city has made monetary contribution that was essential for recovery process.
» SPAMfighter News - 9/19/2019
We are happy to see you are reading our IT Security News.
We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!