Following the news that Riviera Beach City Council, in Florida, has just paid a $600,000 ransom demand after falling victim to ransomware three weeks ago, please see below comments from security experts at HackerOne, Nozomi Networks and Outpost24.
Shlomie Liberow, Technical Program Manager at HackerOne:
“The Riviera Beach City Council has taken a big gamble by paying the ransom as there are no guarantees the attackers will return any of the data, which could leave the city in an even worse situation. By paying the ransom, the council also encourages more of these types of attacks as it makes it more profitable for attackers.
This incident should act as a wake-up call to all organisations that anyone can fall victim to ransomware and the best defence is to continuously back up data. If Riviera Beach had carried out regular backups the damage would have been minimal and they could have recovered easily, without even considering paying the ransom.”
Edgard Capdevielle, CEO at Nozomi Networks:
“The attack against Riviera Beach City Council has once again highlighted that cybercriminals are turning their attention to critical infrastructure and government networks as they understand societies can’t function for long without their services. However, this does not mean it is ever a good idea to pay the ransom and there is no guarantee data will be returned. By agreeing to pay the hacker(s), the Riviera Beach City Council is fuelling cybercrime, making the ransomware industry more profitable for cybercriminals.
For ransomware, prevention is always better than cure and this involves organisations deploying tools that will help them immediately identify when something ambiguous is happening within the infrastructure. Applying artificial intelligence and machine learning for real-time detection and response, organisations can monitor for malware to rapidly discover and act to remove malicious code and the risks posed before harm is done.”
Martin Jartelius, CSO at Outpost24:
“When it comes to ransomware, the golden rule is never pay, however it seems like Riviera Beach City Council ignored this. Only time will tell if the city actually gets its data back, however history has shown the odds are not in their favour.
While some attackers use ransomware to make money, other use the malware to cause destruction and damage. If the attackers are motivated by destruction, it is unlikely Riviera Beach will get its data back anytime soon.
As a result of this, the best defence against ransomware is to continuously back up data and keep employees educated on phishing and malicious emails, as well as ensuring a defence in depth strategy to limit exposure, where an impact on a single system or user should not have caused a substantial effect across the entire organization.”