A southern California county sheriff’s department paid a ransom of $1.1 million to cyber hackers to remove ransomware that affected some of the department’s systems, the county has confirmed.
A cyberattack in April disrupted the San Bernardino County Sheriff’s Department’s network, interrupting a limited number of systems, including the California Law Enforcement Telecommunications System used by deputies to look up whether a person is wanted for crimes.
After negotiating with the hackers, the county and its insurance carrier agreed to pay the ransom to restore the system’s full functionality and secure any data involved in the breach, the county’s spokesman David Wert told The Epoch Times in a statement on May 5.
“The decision whether to render payment was the subject of careful consideration,” Wert said. “On balance, and consistent with how other agencies have handled these types of situations, this was determined to be the responsible course.”
The county, located about two hours east of Los Angeles, had prepared for such an attack by getting insurance coverage, according to Wert. The county was responsible for $511,852 while the rest was covered by insurance.
Ransomware is a type of malicious software that prevents an organization or person from accessing computer files, systems, or networks, and demands the victim pay a ransom to restore access, according to the Federal Bureau of Investigation (FBI).
The FBI does not support paying a ransom, according to the bureau’s website.
“Paying a ransom doesn’t guarantee you or your organization will get any data back,” the FBI advised. “It also encourages perpetrators to target more victims and offers an incentive for others to get involved in this type of illegal activity.”
The sheriff’s department is continuing to investigate the incident and is conducting a forensic examination to fully understand what happened, according to the county’s spokesman. The incident was referred to partnering law enforcement agencies in April, including the FBI and the Department of Homeland Security.
“At no time did the incident compromise public safety or the Sheriff’s Department’s ability to carry out its duties,” Wert said.
Ransom Payments Encourage More Attacks: Expert
National cyber security expert Joseph Steinberg, author of the best-selling book “Cybersecurity for Dummies,” told The Epoch Times paying a ransom to cyber hackers encourages more attacks.
“Sometimes, paying the ransom seems like the easy way out, but it guarantees it will continue,” Steinberg said. “You can be sure as hell they’re going to be doing it again.”Ransom payments can also be a federal crime if the hackers are affiliated with a group or country the U.S. has sanctioned, according to the expert.
“Countries and organizations that are under sanctions know this is one way to get money that governments are looking the other way on,” he said. “Let’s hope it wasn’t something like that.”
Beyond the “moral hazard” of giving money to criminals, the hackers can use the cash to create more and better ransomware, he said.
Friends Read Free