The Palm Beach Post by Tony Davis
June 19, 2019
RIVIERA BEACH — The Riviera Beach City Council authorized the city’s insurer to pay nearly $600,000 worth of ransom to regain access to data walled off through an attack on the city’s computer systems.
In a meeting, Monday night announced only days before, the board voted 5-0 to authorize the city insurer to pay 65 bitcoins, a hard-to-track cryptocurrency valued at approximately $592,000. An additional $25,000 would come out of the city budget, to cover its policy deductible. Without discussion on the merits, the board tackled the agenda item in two minutes, voted and moved on.
The dollar amount was not mentioned before or after the vote, only that the insurer would pay through bitcoins, “whose value changes daily.”
The city’s email and computer systems, at City Hall, the city’s Port Center offices and elsewhere, including those that control city finances and water utility pump stations and testing systems, are still only partially back online, two weeks after the ransomware attack was disclosed. But crucial data encrypted by the attackers remains beyond reach and there was no explanation of whether the city has any guarantee that the ransomers will release it if paid.
The FBI, Secret Service and Department of Homeland Security are investigating the attack, which officials said began after someone in the police department opened an infected email May 29.
More than 50 cities across the United States, large and small, have been hit by ransomware attacks during the past two years. Among them: Atlanta; Baltimore; Albany, N.Y.; Greenville, N.C.; Imperial County, Calif.; Cleveland, Ohio; Augusta, Maine; Lynn, Mass.; Cartersville, Ga.; and in April, nearby Stuart.
The Atlanta attack alone cost that city an estimated $17 million, Vice News reported.
The Palm Beach County village of Palm Springs was hit in 2018, paid an undisclosed amount to ransom but nonetheless lost two years of data, according to one source who asked not to be identified.