Second Florida city pays giant ransom to ransomware gang in a week

Lake City officials give in and agree to pay nearly $500,000 to ransomware gang.

Malware and ransomware rise puts your data at risk For the third year running, the volume of malware attacks has increased. But there are big variations in terms of who is getting targeted, and how.

Less than a week after a first Florida city agreed to pay a whopping $600,000 to get their data back from hackers, now, a second city's administration has taken the same path.

On Monday, in an emergency meeting of the city council, the administration of Lake City, a small Florida city with a population of 65,000, voted to pay a ransom demand of 42 bitcoins, worth nearly $500,000.

City had been down for two weeks

The decision to pay the ransom demand was made after the city suffered a catastrophic malware infection earlier this month, on June 10, which the city described as a "triple threat."

Despite the city's IT staff disconnecting impacted systems within ten minutes of detecting the attack, a ransomware strain infected almost all its computer systems, with the exception of the police and fire departments, which ran on a separate network.

Lake City government work has been crippled for nearly two weeks because of the incident.

A ransom demand was made a week after the infection, with hackers reaching out to the city's insurance provider -- the League of Cities, which negotiated a ransom payment of 42 bitcoins last week.

City officials agreed to pay the ransom demand on Monday, and the insurer made the payment yesterday, on Tuesday, June 25, local media reported [1, 2, 3].

The payment is estimated to have been worth between $480,000 to $500,000, depending on Bitcoin's price at the time of the payment. The city's IT staff is now working to recover their data after receiving a decryption key.

A wave of ransomware attacks targeting US cities

Lake City has now become the second Florida city to pay a gigantic ransomware demand to hackers. Riviera City officials agreed to pay a ransomware gang 65 bitcoins ($600,000) last week.

In March, earlier this year, officials in Jackson County, Georgia, also agreed to an astronomical ransomware demand, paying hackers $400,000 to regain access to their files.

A report by US cyber-security firm Recorded Future published in May highlighted a spike in ransomware attacks targeting US cities. Previous victims include Lynn, Massachusetts, Cartersville, Georgia, and Baltimore, Maryland, just to name a few.

The victim who paid the largest ransom demand ever is South Korean web hosting firm Internet Nayana, which paid 1.3 billion won ($1.14 million) worth of bitcoins to a hacker following a ransomware attack in June 2017.

Related malware and cybercrime coverage: