- A group of hackers breached the IT network of New Bedford, Massachusetts in July and demanded a ransom of $5.3 million.
- The details of this attack were revealed on September 4 by the New Bedford Mayor Jon Mitchell.
After executing the attack that disabled many city computers in New Bedford, the hacker group behind the incident demanded a ransom of $5.3 million. This ransom was demanded in exchange for the decryption key to unlock files encrypted by this cyber attack.
- On the night between July 4 and July 5, a group of hackers infiltrated into New Bedford’s IT network and introduced a type of ransomware called Ryuk. The Ryuk is known to be used for financial extortion purposes.
- This ransomware encrypted data stored on 158 systems, blocking city officials from accessing them. Since the attack happened at night, a lot of city systems were turned off, and the ransomware didn’t infect the entire network.
- The attack was recognized by the city’s IT staff the next morning, and infected systems were immediately disconnected. The city then reached out to the hacker group who demanded a ransom payment in Bitcoin equal to $5.3 million in exchange for the decryption key.
The nature of this attack was kept undisclosed till September 4, when mayor Mitchell spoke about it in a press conference. The attack was previously blamed on an unspecified virus.
How did the city respond?
The city didn’t pay because of a lack of funds. If New Bedford had paid this ransom, it would have gone down in history as the largest ransomware payment made to date. The city made a counteroffer of $400,000, a value which was approximately what other municipalities paid as ransoms recently. The attackers declined the offer and the city decided to restore its data from back-ups.
New Bedford’s MIS department has rebuilt the server network completely, restored applications, and replaced affected workstations. The city’s insurance company has made the monetary contribution necessary for the recovery process.
To read the original article: