Alabama City to Pay Cyber-Ransom

An Alabama city is paying over a quarter of a million dollars to cyber-criminals to recover data encrypted in a ransomware attack.

Florence became a victim of the DoppelPaymer ransomware gang on June 5 in an attack that shut down the city's email system. The gang demanded 38 bitcoin, equivalent to USD $378,000, and threatened to publish or sell data stolen from Florence if the city didn't pay up.

A security firm hired by Florence in the wake of the attack was able to negotiate the ransom down to 30 bitcoin, worth around $291,000. 

City mayor Steve Holt said that Florence had elected to pay the ransom despite not knowing for certain what data the cyber-criminals had stolen and encrypted.  

“Do they have our stuff? We don’t know, but that’s the roll of the dice,” Holt said.

The mayor theorized that attackers gained access to the city's computer system via a phishing attack. 

Holt told KrebsOnSecurity that the DoppelPaymer gang appeared to have compromised the networks of four further victims within an hour of striking Florence, including another municipality that he declined to name.

Krebs contacted Holt's office in late May after receiving a tip from Hold Security that Florence's information technology systems had been infiltrated by hackers who specialize in deploying ransomware. 

The Wisconsin cybersecurity firm had discovered that a Windows 10 system in the city's IT infrastructure, seemingly linked to the city's manager of information sy ..

Support the originator by clicking the read the rest link below.