Riviera Beach, Florida votes to pay $600K ransom after latest cyberattack
June 20 (UPI) — Hackers have targeted another city with another ransomware cyberattack — this time in South Florida, where officials have agreed to pay $600,000 to avoid the type of problems that have crippled Baltimore systems for weeks.
The cyberattack was launched three weeks ago against computerized systems in Riviera Beach, about 75 miles north of Miami, authorities said. This week, the city voted unanimously to pay the ransom — a move that drew some criticism. City officials believe it’s the only way to regain control of its systems and records, which the hackers encrypted.
The council has also agreed to spend more than $1 million on new computers and security. The FBI, Secret Service and Department of Homeland Security are investigating the attack.
Riviera Beach is at least the third city in recent weeks to be held hostage by hackers. Baltimore and Greenville, N.C., were hit by previous cyberattacks. Some systems in Baltimore, which has not paid a demanded $75,000 ransom, are still down.
It’s not yet clear whether the attacks are connected, or whether the same hackers are involved.
Maryland Gov. Larry Hogan issued an order this week to strengthen the state’s cybersecurity defenses. It creates the Maryland Cyber Defense Initiative and an Office of Security Management. The bodies will implement an “overall cybersecurity strategy.” It also creates a new position of chief information security officer, who reports to the governor.
The ransomware attack hit Baltimore on May 7 and is still causing problems with city computers, particularly billing services.
Baltimore County has also been affected by the hack. Officials there said Tuesday they have notified more than 14,000 residents about problems with sewer charges and property tax bills.
The city said, as a result, future bills will cover a larger time period and include a greater total than usual. Customers are encouraged to estimate their water bill costs and continue to make monthly payments or set aside the amount they typically pay to prepare for the cumulative bill. The city said it will offer payment plans to help and won’t assess late fees during the period that the service is interrupted.
State information security officer John Evans has said Maryland’s taking a “whole-of-government” approach to the recovery, according to minutes of the meeting provided to UPI. Baltimore, however, was not initially receptive to receiving help from state agencies immediately after the cyberattack.
“For the first week or so, it was very hard to actually get people in there to work with them,” Evans said. “I think that’s because there wasn’t a working, trusted relationship.”
Evans added that agencies initially severed contact with Baltimore as a precaution to prevent exposure to the ransomware.
Information technology officials have created a tool to protect systems against the version of RobbinHood used in the Baltimore attack, and is working on consolidating security tools and standardizing processes to streamline recovery efforts.