Riviera Beach, Fla., pays $600,000 ransom payment

The Riviera Beach City Council voted this week to pay a 65-bitcoin, or $600,000, ransom in an attempt to have its computer system decrypted following a May 29 ransomware attack.

This is in addition to the $914,000 the Florida city has had to pay for new computers damaged in the attack.

The city council based its decision on the council of an outside security firm it brought in to help handle the issue. City spokeswoman Rose Anne Brown told CBS Miami the city has been working with outside security consultants, who recommended the ransom be paid even though there was no guarantee the payment would result in the files being restored.

The city’s insurance company negotiated with the attackers, reported The Palm Beach Post,and is expected to cover the ransom's cost. The city’s IT manager reported some services are back online, but it was not clear if this was due to making the payment.

SC Media has requested further comment from the city.

The Florida city’s nightmare began when a police department employee opened a malicious email resulting in malware encrypting almost every city computer network, including its 911 emergency system, email, online bill payments and payroll.

The decision to pay a ransom is controversial mainly because there is no guarantee the criminals will acquiesce and send the decryption keys.

“The Riviera Beach City Council has taken a big gamble by paying the ransom as there are no guarantees the attackers will return any of the data, which could leave the city in an even worse situation. By paying the ransom, the council also encourages more of these types of attacks as it makes it more profitable for attackers,” said Shlomie Liberow, technical program manager at HackerOne.

Riviera Beach is not the first municipality or business to make this decision. Jackson County, Ga. caved to the demand paying its attacker $400,000 in March 2019 as did Columbia Surgical Specialists of Spokane, Wash., which paid $15,000 ransom.

Ilia Kolochenko, founder and CEO of ImmuniWeb, pointed out that not only might the criminals not keep their end of the bargain, but also encourages others to launch ransomware attacks.

“This is very alarming news that will likely spur an unprecedented spike of ransomware attacks on the critical infrastructure of small cities that are inapt to duly protect themselves,” he said.

Riviera Beach is not alone in being targeted as it joins Baltimore and Atlanta and at least 20 other municipalities around the country. Baltimore and Atlanta refused to pay resulting in recovery costs of $18 million and $17 million, respectively.