Infosecurity Group Websites

Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more
Latest
News

New Bedford Hit With $5.3m Ransomware Demand

A Massachusetts city has revealed that cyber-criminals tried to hold its data ransom to the tune of more than $5m over the summer, in a sign of the growing risk to organizations from online extortionists.

The city of New Bedford was hit with the popular Ryuk strain of ransomware in early July, encrypting data on over 150 workstations, according to mayor Jon Mitchell.

Fortunately, the attack came during the July 4 holiday when systems were powered off, preventing the malware from spreading further. The city’s Management Information Systems (MIS) staff disconnected servers and shut down systems when they came in the next day.

In the end only around 4% of the city’s PCs were affected.

Mitchell revealed in a press conference on Wednesday that the hackers wanted $5.3m in Bitcoin, a figure he countered with a much lower sum of $400,000 as this apparently would have been covered by cyber insurance.

The attackers rejected that sum outright, highlighting just how high the bar is now for victims of ransomware attacks. In New Bedford’s case the relatively small number of machines affected meant restoring from back-up was pretty straightforward and no critical systems were impacted.

Only the city’s financial management system and several workstations used by the Fire Department for admin purposes were temporarily affected.

“We live in a world now that is so interconnected that simply pulling up the proverbial drawbridge is unrealistic,” Mitchell said. “We will rely on the advice of our experts to guide us, but we must remain constantly vigilant and willing to devote the resources necessary to protect our system from a much more debilitating attack than the one we just experienced.”

New Bedford is just the latest in a long line of US cities targeted by ransomware. Two cities in Florida paid hundreds of thousands of dollars for decryption keys after being hit, while others including Baltimore, Albany and 23 government entities in Texas have also suffered major infections.

In July, the United States Conference of Mayors passed a resolution not to cooperate with ransomware attackers. However, when critical services like emergency responders are impacted, it can be difficult for city leaders not to cave, even if it’s not guaranteed that the decryption key will work.

Related to This Story

What’s Hot on Infosecurity Magazine?

1
News

CISOs: Cloud is Now Safer Than On-Premises

2
News

Phishers Use SCA Checks to Trick Banking Customers

3
News

Data Leak Hits 2.5 Million Customers of Cosmetics Giant Yves Rocher

4
News

Dutch Insider Deployed Stuxnet: Report

5
News

Businesses Blighted by Impersonation Phishing Attacks

6
News

CPS Under Fire After Rise in Data Leaks

1
Webinar

The Persistence of Ransomware, New Variants & Better Tactics to Defend & Defeat

2
Blog

Security by Sector: Jaguar Land Rover & BlackBerry Seek to Improve Security in Manufacturing of Next-Gen Vehicles

3
News

Satori Botnet Man Pleads Guilty

4
News

New Bedford Hit With $5.3m Ransomware Demand

5
News

Google and YouTube Pay $170m in Kids’ Privacy Case

6
Opinion

Crowdsourced Security is Redefining the Gig Economy, and Not in a Good Way

1
Webinar

Can You be Secure by Design, Compliant and Enable Optimum Functionality?

2
Webinar

How SOAR Can Improve Security Operations, Monitoring & Incident Response

3
Webinar

Moving from FTP to MFT for Security, Functionality and Data Transfer Compliance

4
Webinar

Mobile Access: Best Practices for a Modern Security Approach

5
Webinar

Mastering the Security Art of Identity, Access & Authentication

6
Webinar

Preventing Email Data Breaches: A Modern Approach

1
Interview

Interview: Nigel Kersten, Field CTO, Puppet

2
News

#OSSummit: Don’t Ignore GitHub Security Alerts

3
Opinion

Complicated Compliance Made Easy

4
News

Astronaut Accused of Committing Cybercrime in Space

5
News Feature

Infosecurity Magazine Online Summit 2019: A Preview

6
News

VMware Plans $2.1bn Carbon Black Acquisition