In Cities Across America, Ransomware Attacks Test Their Resolve
Beyond the disruptions at local city halls and public libraries, the attacks have serious consequences, with recovery costing millions of dollars.
By Marina Trahan Martinez, David E. Sanger and Manny Fernandez
“It’s weird,” said Jennifer Dominguez, a library assistant. “We’ve gone old school.”
This has been the summer of crippling ransomware attacks. Wilmer — a town of almost 5,000 people just south of Dallas — is one of 22 cities across Texas that are simultaneously being held hostage for millions of dollars after a sophisticated hacker, perhaps a group of them, infiltrated their computer systems and encrypted their data. The attack instigated a statewide disaster-style response that includes the National Guard and a widening F.B.I. inquiry.
More than 40 municipalities have been the victims of cyberattacks this year, from major cities such as Baltimore, Albany and Laredo, Tex., to smaller towns including Lake City, Fla. Lake City is one of the few cities to have paid a ransom demand — about $460,000 in Bitcoin, a cryptocurrency — because it thought reconstructing its systems would be even more costly.
In most ransomware cases, the identities and whereabouts of culprits are cloaked by clever digital diversions. Intelligence officials, using data collected by the National Security Agency and others in an effort to identify the sources of the hacking, say many have come from Eastern Europe, Iran and, in some cases, the United States. The majority have targeted small-town America, figuring that sleepy, cash-strapped local governments are the least likely to have updated their cyberdefenses or backed up their data.