CALL TO ACTION – Do Something About Civic Ransomware
Another city ransomware attack, another payment to the attackers. Another win for the bad guys, and another loss for the rest of us. The question is, are you going to do anything about it?
This time the news comes from Lake City, Florida. The 12,000+ citizens of the small(ish) northern Florida town will foot the 42 bitcoin (~$500,000) bill for the city’s poor preparation. Actually, insurance will cover the direct cost and the city only pays $10,000. Chalk up another loss for U.S. cities (and their citizens). The money the attackers walk away with will most certainly be used to attack other victims, including other cities. Oh, and as far as insurance goes, we all pay a price in higher insurance premiums and limited coverage options. Insurance companies aren’t in the business of losing money.
The quote of the day: “I would’ve never dreamed this could’ve happened, especially in a small town like this” – Lake City Mayor Stephen Witt.
(BTW, I don’t view this as his fault. We, the information security community, obviously failed in reaching him with the message)
Additional details of this latest ransomware payment:
So, what are YOU going to do about this? Yes, you! When I refer to “you”, I’m referring to everyone/anyone, security people and non-security people alike. All of us are in this together.
Should we wait until your city gets hit, or maybe we believe in the false narrative that it will never happen to you/your city?
Will your mayor or local government official be quoted on the news, having “never dreamed” that such a thing could happen?
DO SOMETHING – START HERE
Earlier this week, I posted an article about an email that I was going to send to my city and county officials. I sent the emails a couple of days ago, but haven’t heard anything back yet. Not to worry, I’m determined (and so should you be).
One of the things I didn’t really expect was for people to follow my lead. It was impressive to read and hear about people who took this as a call to action. They’ve been inquiring of their local governments about ransomware protections too! That’s great news! So far, more than a dozen people have told me that they have written their city and/or county government. Some are even getting good responses back.
Here’s what I’m asking you to do:
- If you haven’t emailed your city and county government officials (inquiring about their ransomware readiness), PLEASE DO IT.
- If you’ve emailed your city and/or county government officials, but haven’t received a response within a few days, PLEASE EMAIL AGAIN. Stay engaged until you get an answer.
- If you’ve emailed your city and/or county government officials, and have received a response, PLEASE SEND THE RESPONSE TO US. You can send it to us through the UNSECURITY Podcast email address (firstname.lastname@example.org).
- No matter what you do, please follow these rules:
  - DO – Always be courteous.
  - DO – Always be respectful.
  - DO – Help if you can.
  - DO – Remember the goal: we are trying to help and we are trying to prevent more occurrences of the Atlanta, Baltimore, Riviera Beach, and now Lake City ransomware events.
  - DO – Ask us questions and make suggestions (email@example.com).
  - DON’T – Try to answer questions that you don’t feel (or know you’re not) qualified to answer. Email firstname.lastname@example.org, and we’ll find a good resource/answer for you.
  - DON’T – Use threatening language or insinuate threats of any kind.
Feel free to use this sample email template that I used or create your own.
Dear <INSERT NAME>,
I’ve been a resident of <CITY/COUNTY> since <YEAR>.
I have a quick question for you.
How can you assure me and other city residents that the <CITY/COUNTY> has taken the appropriate measures to protect its systems and data from a ransomware attack?
I ask you because there has been a rash of ransomware attacks that have hit city governments recently. The most current ones being the City of Baltimore (https://arstechnica.com/information-technology/2019/06/a-tale-of-two-cities-why-ransomware-will-just-get-worse/), the City of Riviera Beach (https://www.palmbeachpost.com/news/20190621/in-depth-how-riviera-beach-left-door-wide-open-for-hackers), and Lake City, Florida (https://www.cbsnews.com/news/ransomware-attack-lake-city-florida-pay-hackers-ransom-computer-systems-after-riviera-beach/). I hope we’ve planned well and will not pay a ransom (even through insurance) if/when an attack were to occur. Rather than reacting to such an occurrence, I’m hoping that our <CITY/COUNTY> has planned ahead.
Although I work in the information security field, I have no interest in selling anything. I’m just a concerned/interested citizen. If I can help, I will.
Thank you for making <CITY/COUNTY> a great place to live!
Let’s make this a way we can start fighting back against criminals who are fleecing our cities and our friends. This is only the start. Next steps come after getting responses.
Again, we are all in this together. Please be helpful, respectful, and courteous.