Days after the U.S. Conference of Mayors passed a resolution opposing the payment of ransoms by cities following a ransomware attack, La Porte County’s government has done the opposite after its files were encrypted. According to WSBT-TV, the municipality has paid a Bitcoin ransom worth approximately $130,000 to cyber attackers who encrypted its files.
At current prices, this translates to about 11.3 Bitcoin. La Porte County will pay $30,000 while its insurer will pay the bulk of the ransom. The cybersecurity insurance policy was reportedly authorized last year.
FBI’s decryption software fails the test
The decision to pay the Bitcoin ransom was made after leaders of the municipality consulted the FBI’s cyber experts and determined that the Bureau’s decryption software could not unlock the encrypted data.
The cyberattack occurred on July 6th and disabled the municipality’s computer network, website and email systems. The malware was identified as the Ryuk ransomware. According to malware support firm Coveware, Ryuk was the third-largest ransomware by market share in the first quarter of 2019 behind Dharma and GandCrab.
That the cyber attackers unleashed Ryuk ransomware on La Porte is in line with established trends. According to the FBI, Ryuk has had a ‘disproportionate impact’ on, among others, ‘small municipalities’.
Did La Porte do the right thing by paying the Bitcoin ransom?
La Porte’s decision to pay the ransom is similar to the action taken by Florida’s Riviera Beach City, which forked out around 65 Bitcoins. However, the FBI has strongly discouraged this in the past, claiming that it rewards criminal behavior and that cybercriminals can’t be trusted to keep their end of the bargain:
The FBI does not encourage paying a ransom to criminal actors. Paying a ransom may embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of…