Ransomware attacks test the resolution of cities across America

"We are seeing more ransomware attacks because they work," said Eli Sugarman, who heads the Hewlett Foundation's cybersecurity program. "Cities struggle to secure their complex and often obsolete systems, and when they are attacked, some people choose to pay."

When companies are victims of ransomware attacks, they often hide them. But cities can not – as Atlanta learned in March 2018 – one of the most serious cyberattacks against an American municipality. The attackers claimed about $ 51,000 in Bitcoin, but according to the Atlanta Journal-Constitution, the city refused to pay the ransom. A document leaked to local media showed that the response to the attack could cost the city $ 17 million. At the time, Mayor Keisha Lance Bottoms had called the attack "hostage-taking" and the threat investigators working on the response blamed a hacking team called SamSam.

Two Iranians, Faramarz Shahi Savandi and Mohammad Mehdi Shah Mansouri, were indicted that year. No major SamSam attacks have occurred since. But new, more targeted malware has appeared.

Hackers who turned down computers in Baltimore in May demanded about $ 76,000 in Bitcoin to release the city's files and allow employees to resume access to their computers. Mayor Bernard Young said the city would not pay the ransom, in part because there was no guarantee that the files would be unlocked.

In the last four months, the city has made the systems online one by one, spending more than $ 5.3 million in computers and contractors to help recover from the attack. According to an initial estimate, the loss of revenue and municipal expenditures were more than $ 18 million.

Lester Davis, a spokesman for the mayor, said that part of the lost revenue had been recovered and that it was impossible to quantify the money lost by the city due to a lack of money. lack of productivity and missing payments. Baltimore has been issuing water bills in recent weeks for the first time since hacking, which means that many residents have to pay three times more than normal.

Five states – California, Connecticut, Michigan, Texas and Wyoming – appear to have laws that specifically refer to "ransomware" or computer extortion, although others have laws prohibiting extortion and computer crimes such as malware or computer intrusions, according to the National Conference of State Legislatures.