Question:

What are the implications and challenges of Riviera Beach’s decision to pay $600,000 in bitcoin to a hacker who compromised its computer systems?

Answer:

Riviera Beach’s ransomware dilemma: To pay or not to pay?

Riviera Beach, a small city in Florida, recently made headlines when it agreed to pay $600,000 in bitcoin to a hacker who had encrypted its data and disabled its network. The ransomware attack, which occurred on May 29, 2020, was triggered by an employee who opened a malicious email attachment. The hacker demanded the payment in exchange for a decryption key that would restore the city’s access to its files and systems.

The city council voted unanimously to authorize the payment, hoping to end the crisis that had crippled its operations for three weeks. However, the decision has raised several questions and concerns about the implications and challenges of paying off cybercriminals.

One of the main implications of paying ransomware is that it may encourage more attacks in the future. By rewarding the hacker, the city may have sent a signal that ransomware is a lucrative and effective way to extort money from victims. This may attract more hackers to target other vulnerable organizations, especially those that provide essential public services and have limited cybersecurity resources.

Another implication of paying ransomware is that it may not guarantee the recovery of the data. There is no guarantee that the hacker will honor the agreement and provide the decryption key after receiving the payment. In some cases, the decryption key may not work properly or may cause further damage to the data. Moreover, the hacker may still retain a copy of the data and use it for other malicious purposes, such as identity theft, fraud, or blackmail.

The challenges of not paying ransomware

On the other hand, not paying ransomware also poses significant challenges for the victims. One of the main challenges is the cost and time required to restore the data and systems. Depending on the extent and severity of the attack, the victims may have to rebuild their network from scratch, recover their data from backups, or hire external experts to assist them. These processes may take weeks or months, and may incur substantial financial and operational losses.

Another challenge of not paying ransomware is the potential impact on the public safety and welfare. In the case of Riviera Beach, the ransomware attack affected the city’s ability to provide basic services, such as water treatment, emergency dispatch, and online payments. The attack also compromised the city’s records, such as payroll, budget, and vendor contracts. These disruptions may have serious consequences for the city’s residents, employees, and partners.

The best practices to prevent and respond to ransomware

Given the dilemmas and risks of paying or not paying ransomware, the best course of action is to prevent and prepare for such attacks in the first place. Some of the best practices to prevent and respond to ransomware include:

• Educating and training the staff on how to recognize and avoid phishing emails, which are the most common vector for ransomware infections.
• Implementing and updating the security software, such as antivirus, firewall, and encryption, to protect the network and devices from unauthorized access and malware.
• Creating and testing the backup and recovery plans, to ensure that the data and systems can be restored quickly and safely in the event of an attack.
• Reporting and sharing the information about the attack, to alert the authorities and the community, and to seek help and support from the experts and peers.

Ransomware is a serious and growing threat that can affect any organization, regardless of its size, sector, or location. Riviera Beach’s decision to pay $600,000 in bitcoin to a hacker may have solved its immediate problem, but it may have also created more problems in the long run. The best way to deal with ransomware is to prevent it from happening, and to be ready to respond to it if it does.

— : [https://www.cnn.com/2019/06/20/us/riviera-beach-to-pay-hacker/index.html](https://www.cnn.com/2019/06/20/us/riviera-beach-to-pay-hacker/index.html) : [https://www.nytimes.com/2019/06/19/us/florida-riviera-beach-hacking-ransom.html](https://www.nytimes.com/2019/06/19/us/florida-riviera-beach-hacking-ransom.html) : [https://www.palmbeachpost.com/news/20190619/riviera-beach-pays-600000-ransom-to-save-computer-records](https://www.palmbeachpost.com/news/20190619/riviera-beach-pays-600000-ransom-to-save-computer-records) : [https://www.washingtonpost.com/nation/2019/06/20/riviera-beach-florida-ransomware-payment/](https://www.washingtonpost.com/nation/2019/06/20/riviera-beach-florida-ransomware-payment/) : [https://www.forbes.com/sites/leemathews/2019/06/20/florida-city-pays-600000-to-ransomware-gang-to-have-its-data-back/](https://www.forbes.com/sites/leemathews/2019/06/20/florida-city-pays-600000-to-ransomware-gang-to-have-its-data-back/) : [https://www.csoonline.com/article/3236183/what-is-ransomware-how-it-works-and-how-to-remove-it.html](https://www.csoonline.com/article/3236183/what-is-ransomware-how-it-works-and-how-to-remove-it.html) : [https://www.fbi.gov/file-repository/ransomware-prevention-and-response-for-ceos.pdf/view](https://www.fbi.gov/file-repository/ransomware-prevention-and-response-for-ceos.pdf/view) : [https://www.zdnet.com/article/this-is-how-much-a-huge-ransomware-attack-costs/](https://www.zdnet.com/article/this-is-how-much-a-huge-ransomware-attack-costs/) : [https://www.miamiherald.com/news/state/florida/article231623123.html](https://www.miamiherald.com/news/state/florida/article231623123.html) : [https://www.sun-sentinel.com/local/palm-beach/fl-ne-riviera-beach-ransomware-20190619-7z7ykytcd5gk7h2w4r7x5j7n4a-story.html](https://www.sun-sentinel.com/local/palm-beach/fl-ne-riviera-beach-ransomware-20190619-7z7ykytcd5gk7h2w4r7x5j7n4a-story.html) : [https://www.us-cert.gov/ncas/tips/ST04-014](https://www.us-cert.gov/ncas/tips/ST04-014) : [https://www.us-cert.gov/ncas/tips/ST06-001](https://www.us-cert.gov/ncas/tips/ST06-001) : [https://www.us-cert.gov/ncas/tips/ST05-014](https://www.us-cert.gov/ncas/tips/ST05-014) :

[https://www.us-cert.gov/ncas/tips/ST13-003](https://www.us-cert.gov/ncas/tips/ST13-003)