The city of New Bedford, Mass. — not too far away from us here at TechDecisions — recently avoided paying the $5.3 million that hackers demanded after they successfully launched a ransomware attack against it.
The town’s response? Bargain-and-stall. And it worked.
Not the usual method
An NPR article reports that after IT personnel discovered the attack the day after Independence Day this year, city officials decided to contact the hacker through the email address provided.
This isn’t what most cyber security experts recommend.
But, as city Mayor John Mitchell told reporters, the town was already lucky that most computers were not affected by the July 4th attack, since most of them were shut down at the time.
Officials wanted to take advantage of this and “buy more time” for the town to strengthen its security, so they counter-offered $400,000 — an amount similar to what other towns have settled for in similar ransomware attacks.
The city’s insurance policy did cover ransom payments, so Mitchell said it wouldn’t have cost taxpayers anything.
And it worked: while officials were haggling with hackers, New Bedford’s IT personnel restored most of the affected data via backups.
New Bedford ransomware attack isn’t the only one
Over 40 cities and towns in the U.S. have suffered ransomware attacks, with 22 in Texas alone, says The New York Times.
These are often the result of phishing emails that contain malicious attachments, or of “drive-by downloading,” the NPR article says.
But the question of whether or not to pay the attackers is one which haunts the town officials who have to make the call.
After a similar attack, Lake City, Fla. decided to pay because its backups were compromised, says NPR. That town of only 12,000 people paid $460,000 total, with $10,000 coming from taxpayer funding.