Oregon City Pays $48,000 Cyber-Ransom
A city in Oregon has paid a ransom of $48,000 to regain control over its computer network following a cyber-attack.
The city of Keizer’s computer system was successfully targeted by threat actors using ransomware in the early hours of June 10. The attack left officials unable to access either files or their email accounts for a full seven days.
In a hand-delivered statement viewed by Oregon Live shortly after the attack was carried out, city officials said: “We are taking this seriously, and are working to resolve the situation as quickly as possible.”
Unable to recover the encrypted files themselves, despite engaging the help of the “appropriate authorities,” officials eventually acquiesced to the ransom demand issued by the attacker(s).
Subsequently, by around 11:45am on June 17, employees of the Marion County city were able to once again access their email accounts and files.
The ransomware attack was first detected on the morning of June 10 when city employees tried and failed to access the data and programs they rely on to carry out their duties.
A city spokesperson said: “We were presented with a request for a ransom payment needed to obtain the needed decryption keys.”
While the city was unable to fend off this particular cyber-attack, officials are hopeful that lessons have been learned from it that will prove useful in the event of further digital strikes.
“We believe that the forensic investigation could provide critical information to defend against attacks in the future,” said a city spokesperson.
The city said that no sensitive data appears to have been accessed or misused as a result of the ransomware attack.
Keizer isn’t the only place in Oregon to be targeted by ransomware this year, nor is the city alone in its decision to pay up to retrieve encrypted files and data. In January of this year, a ransom of $300,000 was paid by Tillamook County to recover information held hostage by cyber-criminals following a ransomware attack.
The county’s commissioners voted unanimously to negotiate with the attackers for an encryption key after attempts to safely recover data impacted by the attack failed.