Hackers know vulnerable systems when they see them, and they also know this: Many government systems are decades old, running Windows 7 and even Windows XP.
1. Georgia/Atlanta Courts
Last month the Georgia court system was hit with a ransomware attack, resulting in at least part of its digital information systems being taken offline. Officials at the Administrative Office of the Courts confirmed the attack and said not all court systems were affected. As a precaution, the network was taken offline and the IT department worked with third parties to determine the nature of the attack.
The attack on the courts wasn’t Georgia’s first foray into a ransomware case. Back in March 2018, computer systems for the City of Atlanta were hit with ransomware, an attack that significantly disrupted city government operations and caused millions of dollars in losses. In that case, Atlanta refused to pay the $50,000 ransom and has since paid out millions to recover from the incident.
2. Riviera Beach, Florida
This small town north of West Palm Beach stunned the cyberworld this past spring when it paid in excess of $600,000 to restore the municipality’s systems from a ransomware campaign. The attack, which began on May 29 when a police department employee opened a malicious email attachment, ultimately disabled all of the city’s online systems, including email, a water utility pumping station, some phones, and the ability to accept utility payments online or by credit card. In addition to the ransom payment, Riviera Beach moved the purchase of $900,000 in new computer hardware forward a year to replace infected systems.
3. Lake City, Florida
Following a ransomware attack in which Lake City, Florida, paid out $460,000, the city fired its director of information technology. The attack shut down the city’s phones, servers, and email systems. The actual ransom was paid through the city’s insurer, the Florida League of Cities. As of early July, the city was revamping its entire IT department to overcome the incident and setting up a system to ensure it doesn’t happen again. As of late July, Mayor Stephen Witt reported that the decryption key has been working and the city’s systems were fully up and running.
4. Baltimore, Maryland
The City of Baltimore was hit with a major ransomware attack in the spring that locked down its servers and left the city’s government without email, telecommunications, and disrupted real-estate transactions and bill payments. The city has kept the details of the May 7 attack largely under wraps over the past several weeks.
Meanwhile, some security experts obtained and studied samples of the so-called Robbinhood ransomware used in the attack, shedding some light on the code used in the devastating attack. Following the advice of the FBI, the city refused to pay the ransom. In a report published in Engadget, city officials estimated that the aftermath of the attack would cost the city $10 million, in addition to the $8 million lost while the city could not process payments.