IT Director Fired Following Lake City Ransomware Attack
The director of IT at Lake City Council, Florida, has been fired following a ransomware attack that resulted in the city being 'shut down' for three weeks, according to city manager, Joe Helfenberg.
Brian Hawkins' position was terminated last week following the attack which resulted in the city paying $460,000 in Bitcoin.
The attack, which has been described as a "triple threat" attack, disabled the city servers, phones and emails. Online systems were compromised three weeks ago by attacks, with the city agreeing to the ransom requested. It has approved the insurance company, Florida League of Cities, to pay 42 bitcoins valued at $460,000 at the time. However, the city paid a $10,000 deductible for the decryption key to restore their online systems. It was confirmed that this resulted in one IT member being fired, however it has not been confirmed specifically why.
"Our city manager did make a decision to terminate one employee, and he is revamping our whole IT department to comply with what we need to be able to overcome what happened this last week or so, and that's so it doesn't happen again," Lake City Mayor Stephen Witt told WCJB.
Investigations are ongoing, according to Lake City officials, but the Mayor isn't optimistic that the attacker will be tracked down: "Because they used the Bitcoin to collect this money, the Bitcoin is not traceable once you make this ransom payment, it's not like the authorities can hunt these people down, and a lot of these people are from eastern bloc countries or non-extradition countries, so even if we know who they are we can't go get them."
According to WCJB, Helfenberg will updated the city council about the recovery of their encrypted files at a city council meeting on Monday evening. There it was agreed that the City would pay the ransom.
Lake City's police department and the Florida Department of Law Enforcement is investigating the case, according to Mayor Witt. The FBI is also conducting a wider investigation following ransomware attacks on other American cities.
Source: Information Security Magazine