New Bedford, Massachusetts, was hit with a ransomware attack in July. The unidentified hackers behind the ransomware demanded a Bitcoin payment of $5.3 million. The city initially proposed a counter-offer of $400,000, which was rejected by the hackers. Mayor Jon Mitchell said the hackers did not make any counter offers. Had the city decided to pay, the ransomware payment would have been the biggest known.
Mitchell also stated that insurance proceeds would have covered this cost. Instead of increasing its offer, the city decided to recover on its own.
Following several months of keeping quiet regarding the real nature of the cyberattack, Mitchell confirmed that ransomware triggered the extensive closure of city computers that started July 5. Security consultants highly recommended against supplying information regarding the cyberattack. The city previously blamed the issue on an undefined virus.
Mayor Mitchell stated that the adversary utilized a variant of the infamous Ryuk ransomware, the primary ransomware threat for businesses according to Malwarebytes.
The ransomware attack affected merely 4% of the City’s computers, according to Mitchell.
The malware infection had not disseminated to other systems because of the Management Information Systems (MIS) staff’s answer to controlling the data encryption process from disseminating by quickly disconnecting its computer servers and shutting down systems.
Mitchell mentioned that the city is unaware of any theft of resident’s personal information but may not exclude it since specific log data is encrypted. The city will deliver public legal notice and suitable supports associated with personal data theft.
The city will deliver public legal notice and suitable supports associated with personal data theft, irrespective of whether it is legally required to do so, Mitchell said.