California City was Hit by Bitcoin Ransomware Attack and Refused to Pay

Lodi in California Bitcoin Ransomware Attack

Earlier this year in April and May, the city of Lodi in California was hit by a serious ransomware attack in which many of the city’s official computers were plagued by malicious program. A payment of 75 Bitcoin(BTC)trade was demanded as ransom by those behind the attack to bring the computer system back to normal.

The Lodi City Manager Steve Schwabauer confirmed that the ransomware was spread through the city’s computer network and targeted computer of various departments. Let’s dig deeper into the story and get the full insight of the matter.

According to Schwabauer, the ransomware was sent to city staff through an email. The email had an attached file that looked like an invoice which upon clicking it spread through the city’s computer network. According to a report published by the cybersecurity publication Government Technology, the city’s phone lines and financial data systems were the main targets.

The sent malware or ransomware targeted critical files stored in the city’s computer network which resulted in several issues in the city’s phone lines. The non-emergency number for the Lodi Police Department, the main numbers of city hall, finance department and the emergency outage line for Public Works telephone system went down.

The Bitcoin Ransom Was Not Paid

The attackers behind the ransomware demanded from city officials to pay the ransom of 75 Bitcoin in exchange for the encryption keys that could bring the entire system back to normal. However, the city didn’t cave in to the extortion. Schwabauer said:

“The ransom demanded 75 Bitcoins (approximately $400,000 at the time of the inquiry) be paid to restore our systems. We did not pay the ransom. Instead, we rebuilt our systems from our back-ups.”

The city hired a cybersecurity expert and a team of legal advisers to investigate the attack. After a series of forensic audits conducted by security experts, it is come to know that no public information was compromised in the Bitcoin ransomware attack. Schwabauer added:

“We did not come forward with this information because we were following the advice of legal counsel. To say anything more would be a violation of attorney-client privilege.”

Schwabauer also confirmed that the issue was first detected on April 1st which had been corrected after a month. However, the main problem aroused during the second successful attempt of the Bitcoin ransom attack in May where the Lodi Police Department’s network was impacted, interrupting its phone lines.

The city manager also admitted that he had never predicted such a Bitcoin ransomware attack in a city like Lodi; however, he assured that the city’s IT security team has their eyes on it. The city has also requested an additional $500,000 to improve the security of the city’s computer network in order to fight such attacks in the future.

Ransomware attacks have been around for a while now, and the frequency of these attacks has been increasing steadily ever since the arrival of cryptocurrencies.

What do you think about the article?

Sharing Is Caring: