Greedy Hackers Get ZERO from U.S. City after Moronic $5.3 Million Bitcoin Ransom Demand – CCN Markets
When ransomware attackers targeted the city of New Bedford, Massachusetts, two months ago demanding $5.3 million in Bitcoin, they must have felt very confident when turning down a counter-offer of $400,000 that the city presented. That feeling probably turned to regret soon thereafter as it has now emerged that the U.S. city did not bid up.
According to Mayor Jon Mitchel, instead of offering more, the city decided to turn to its own devices to recover the data and restore the network after the counter-offer was outrightly rejected and no counter-demand made, per the South Coast Today:
Without a counter-offer, the City faced the prospect of negotiating against itself, a course I would not entertain, even if using insurance proceeds.
According to the Providence Journal, New Bedford has a $1 million cybersecurity policy with AIG.
In a press conference at City Hall, Mayor Jon Mitchell briefed the public regarding the impact of a ransomware-based cyberattack on the City’s computer system this summer. Details:https://t.co/RMELSDNsY8
According to Mitchell, the ransomware was a variant of the RYUK virus. The attack occurred early on July 5th prior to the start of the working day. Mitchell disclosed that 4% of New Bedford’s desktop and laptop computers, 158 to be precise, were affected.
The spread of the virus was contained by the quick actions of the city’s IT staff who ‘disconnected the city’s computer servers and shut down systems’.
Additionally, the spread of the ransomware was limited by the fact that most computers had been turned off due to the Fourth of July holiday which had been observed the day prior. Service delivery to residents remained unaffected, however.
How bad is the Ryuk ransomware?
According to cybersecurity firm Coverware, the Ryuk variant of ransomware is one of the most lucrative with the Bitcoin ransom being typically above the average in the marketplace. This has been attributed to the fact that it targets mid-large size organizations that have the capacity to pay rather than attacking individuals or small enterprises.
By not paying the Bitcoin ransom, New Bedford seems to have made the right decision though as the decryptor tool offered by Ryuk ransomware attackers has a low data-recovery success rate, per Coverware.
Per the cybersecurity firm, Ryuk ransomware’s decryptor tool is labor-intensive and takes longer to recover relative to other ransomware.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.