Scroll Top

Town Avoids Paying $5 Million in Ransomware Attack


Thursday, September 19, 2019

The city of New Bedford, Massachusetts was attacked with the Ryuk ransomware on July 4th, 2019. Mayor John Mitchell stated the hackers demanded $5.3 million in bitcoin in order to release the city’s data. Town officials attempted to stall for time with open dialogue with the anonymous hacker.

Ryuk first appeared in August 2018. A total of three organizations were hit over the course of the first two months of its operation. Subsequently, Ryuk was able to pocket approximately $640,000 from the three organizations. Most recently, the New Bedford’s computer network was discovered to be compromised. Mayor John Mitchell stated, “the attack occurred over a holiday and most computers were shut off, the malware spread to just 4% of the city’s more than 3,500 computers.” Ransomware is typically spread through a phishing email containing a harmful link that leads to a malicious website; thus, software is downloaded without the user’s knowledge.

City officials contacted the anonymous hacker through an email address provided. The city officials were told to pay the ransom in exchange for a decryption key to unlock the city’s data. Mitchell was originally opposed to negotiations with the attacker but Mitchell changed his mind. Mitchell decided to utilize insurance proceeds and offered $400,000. During negotiations, the city’s IT personnel were able to restore a large portion of data without a decryption key. Ultimately, city officials implemented new security software and new protocols in order to mitigate future security breaches.

Jeffrey Jones from Topgallant Partners stated, “no matter how secure the computer network, there is always a chance that malicious code will slip past its cyber security network.”

For more information, please click here.

Privacy Preferences
When you visit our website, it may store information through your browser from specific services, usually in form of cookies. Here you can change your privacy preferences. Please note that blocking some types of cookies may impact your experience on our website and the services we offer.