Good news for the City of Riviera Beach. After paying the ransom of 65 Bitcoins, the criminals provided the City with the key to successfully decrypted the locked files.
For the criminals, this was a sound business move. In the event they decide to attack other targets, their victims may be more willing to pay if they believe they will receive the decryption key.
Segmenting Internal Networks
In numerous municipalities across the country, the internal network is flat. Computer Aided Dispatch (CAD), Records and other systems supporting Fire/EMS and Law Enforcement, operate on the same underlying network as Finance, Public Works, Administration, etc.
By segmenting these networks internally, we can potentially prevent a single ransomware attack from taking down the entire municipality. I have spoken to a few municipal IT staff and they mention lack of funding, management support, training, etc.
A ransomware attack of this size and impact is terrible for every department involved. We should however, consider giving Critical Infrastructure – Public Safety- the protection it deserves.