case-study-riviera_555

City of Riviera Beach Florida

In May of 2019, the city of Riviera Beach, Florida was hit with a ransomware attack when someone at the police department opened an infected email, causing the city’s government computers to be infected. The entire system went down for a month and created long-lasting problems with the city’s computer network.

The hackers demanded a ransom of 65 Bitcoins, which was $600,000 at the time. The city of Riviera Beach paid the full ransom to restore their computer system, despite advice from the FBI recommending against making ransom payments.

One reason this small city was targeted was because the hackers saw a vulnerable government that was not focused on keeping it’s IT infrastructure updated.  Riviera Beach did not place much attention on their IT department and even failed to install an $800,000 computer security system, a piece of technology they had already purchased. In addition, the city was using a data storage unit from 2012, which had a lifespan of about 5 years, along with unpatched software and no proper backups.  In this case, human error of allowing the vital computer systems to remain outdated vulnerable was a main reason Riviera Beach was targeted.

Aside from the $600,000 ransom, the city estimates damages of $1.5 million, and a year later the government faces issues with emails, their website, and slow computer systems. So, although the attack lasted about a month and all the information was returned to the government, the effects of the attack are still noticeable today. In response to the attack, the local government spent $1 million on 310 new desktops and 90 new laptops, as well as other hardware. The ransomware criminals have still not been identified.

Riviera Beach learned an expensive lesson and clearly will be taking better precautions in the near future.  It is also a lesson for other local governments who are operating with outdated systems that make them vulnerable to the same type of ransomware attacks.