A second Florida city is giving in to the hackers behind a ransomware attack, offering them $500,000 to free its computers.
On Monday, Lake City authorized its insurer to send the hackers 42 bitcoins, according to The Gainesville Sun. The city itself will only pay a $10,000 deductible on its insurance policy, while the Florida League of Cities will pay the actual ransom fee.
The ransomware attack occurred on June 10, disrupting IT systems across the city, including email and landline phones. According to a city spokesman, the hackers used the Ryuk ransomware program to infect the municipal computers, and were able to encrypt various kinds of data, including city permits, email messages, payroll documents and historical data.
Ransomware works by encrypting files, and then holding them hostage until the victim pays up. The more dangerous strains, such as Ryuk, can also attempt to spread to other computers on the same network.
City officials initially said they were on the way to restoring municipal systems. “Data recovery efforts have so far been successful,” the city police department said two days after the attack.
However, local media reports say Lake City encountered troubles disinfecting many of the systems hit in the attack. The hackers then sent the city a ransom request for 42 bitcoins in exchange for a decryption key to free the computers.
“If this process works, it would save the city substantially in both time and money,” city manager Joe Helfenberger said in a statement.
Lake City spokesman Mike Lee said both the city’s insurer and IT staff recommended the city council authorize making the ransom payment. The hackers responded by giving a decryption key, which appears to be working, he added.
Last week, another Florida city, Riviera Beach, voted to let its insurer pay 65 bitcoins to the hackers behind a ransomware attack that infected municipal computers. The FBI and IT security firms generally advise against paying ransomware hackers. Doing so can keep the hackers well funded and incentivize them to strike again. There’s also no guarantee victims will get their data back.
To guard against ransomware attacks, security experts advise businesses and city governments to routinely backup any critical data and patch vulnerabilities in their IT systems.
Editor’s Note: This story has been updated with additional information from the Lake City’s public information officer.