Due to crypto space expansion, incidents of bitcoin scams and hacks have increased proportionally. Bad actors in the space have been quite successful in getting away with millions of dollar worth of cryptocurrencies. A new case came to the limelight where ransomware attackers targeted the city of New Bedford, but this time had to face failure. Two months ago, attackers, targeted the city of New Bedford, located in Massachusetts and demanded at least $5.3 million worth of bitcoin.
The attack was carried between the 4th and 5th of July but the incident was kept under covers. On the advice of cybersecurity experts, details and specifications of the virus and attack were kept hidden and not shared with the public.
Initially the attackers rejected city’s offer of $400,000, although money offered by the city was less than 10% of ransom demanded, now attackers have lost the chance to capitalize even a dollar. According to the mayor of city Jon Mitchel, the city didn’t increase its offer. Instead of negotiating, attention was diverted towards restoring and recovering the compromised data. As data was retrieved successfully, attackers lost their bargain and got nothing from city’s authorities.
According to the mayor, a variant of RYUK virus was used by the attackers to affect a total of 158 computers. Approximately, 4% of the city’s laptops and desktops were under attack. To prevent attack from spreading, the tech staff at New Bedford turned off the city’s servers and systems. Besides the efforts of IT staff, holiday of 4th of July, the day before the attack, proved to be beneficial as well since people computers were mostly turned off and the virus was refrained from spreading.
Compared with other ransomware, RYUK is dangerous with high ransom demands from the attackers. Targeting mid-large sized organizations, RYUK requires a long time to recover because a labor-intensive decryption tool is necessary to deal with the virus.
Although the city’s effort to restore data was much feasible than negotiating with attackers, necessary steps are being tken by the authorities to prevent similar attacks from happening again. In this aspect, authorities stated:
The City will also continue to take measures to prevent any such attacks in the future. The City’s network security has been further enhanced, additional security practices and protocols have been put in place, and the City’s cybersecurity firm will continue to provide further recommendations to the City.
Bitcoin ransomware attacks are quite popular and becoming common these days. Previously, ransomware attackers disrupted the daily operations of a city in South Florida, Riviera Beach. By paralyzing its computer system with ransomware attacks, the attackers compelled the government to pay as much as 65 bitcoins for restoring its computer networks.
Similarly, a few months ago, the city of Baltimore was under a severe cyber attack by hackers. Due to the attack, thousands of computers were frozen and several services such as real estate sales, water bills and health alerts were affected as the email system was shut down. The hackers demanded 13 bitcoins for releasing control and freeing the system. Their demand appeared on the local workers’ screens which besides asking for payment stated :
We’ve watching you for days and we’ve worked on your systems to gain full access to your company and bypass all of your protections.
According to reports published by McAfee, there has been an increase in crypto-jacking campaigns and ransom malware attacks. The reports revealed that in addition to Microsoft Windows, Apple was also the target of many cyber attacks.
As per another report shared by Chainalysis, ransomware attackers utilized crypto exchanges to cash out their earnings. For a period of about 5 years, from 2015 till 2019, 52,000 victims of ransomware attacks have been reported. The report unveiled that more than 60% percent of ransomware attacks are cashed through cryptocurrency exchanges.
After a ransomware attack, the victim hardly had any choice available, other than relying on fulfilling hackers’ demands. Although New Bedford was very lucky, the aforementioned cases show that most of the times, there is no option other than surrendering to attackers.
It is necessary that firms, whether private or governmental, invest in cyber-security services to prevent the likelihood of the aforementioned attacks. It is also way better to opt for cybersecurity insurances rather than paying the enormous ransomware after attacks. Only time will tell if the rest of the year is any safe from fraudulent practices of bad actors in the crypto space.