Lodi City Manager Steve Schwabauer recently confirmed that computer issues they faced earlier their year, which led to disruption in phone lines and financial data systems, were due to a ransomware attack.
Another attack for crypto ransom
The manager also highlighted that the parties behind the attack demanded a ransom of 75 Bitcoins, which were worth about $400,000 at the time.
Ransomware attacks that demand digital currency from the victims have become very common in the past few years, especially since the massive jump in crypto prices in 2017. It is a malicious software program that can block access to a computer or files on a computer. The files are unlocked only when the victim pays the sum demanded by the hackers.
The malicious program that Lodi City received was sent via email attachment and looked like an invoice. As soon as a staff member clicked on the attachment, it quickly spread to the City’s computer network and blocked access to critical files and encrypted them. The malware then severed the connections of several crucial phone lines. Even the non-emergency number of the Lodi Police Department, the main number of City Hall, the main number of finance division and emergency outage line for Public Works was disrupted.
The attack is one of the latest in a series of hacks of public organizations like hospitals, schools, and police departments. Hackers want to get hold of the massive amount of data held within these organizations’ systems.
What did the hackers demand?
“The ransom demanded 75 Bitcoins (approximately $400,000 at the time of the inquiry) be paid to restore our systems. We did not pay the ransom. Instead, we rebuilt our systems from our back-ups.”
Instead of accepting the demands of the hackers, the city hired a legal team as well as security experts to conduct forensic audits. The experts found that the public information stored on the network was not compromised. The manager added, “We did not come forward with this information because we were following the advice of legal counsel. To say anything more would be a violation of attorney-client privilege.”
The problem, which was detected on April 1, was corrected within a month. However, it struck them again when the Police Department’s phone lines were disrupted in May. Bitcoin has become a preferred method of demanding ransom as the transactions made on this network are anonymous, which gives hackers added protection from authorities.