Mayor Steve Holt
FLORENCE – “Sometimes you just have to pay the money, and move on. We have to protect our employees, our residents and the governmental and business entities with whom we do business,” said Mayor Steve Holt, who was referencing the $300-thousand ransom the City paid to cyber-terrorists who successfully hacked the City’s computer network and locked a large part of it down.
At a special called-meeting Wednesday night, the Florence City Council begrudgingly agreed to pay through a third-party a cyber-hacker who locked down the City’s email system with a demand to be paid 30 Bitcoins ($300-thousand dollars) or else the information would be released through the internet universe.
Evidently, according to Holt, the hacker (or hackers) had been inside the City’s computer network, as well as two other Alabama cities, for about a month. Holt said that the City had been contacted by an cyber-security firm, who Holt did not name, which discovered the successful exploit. Immediately after being notified, Florence’s IT Department went into overtime to try and defeat the exploit, but by the time they had been notified of the hack, it was already too late. The City’s emails had already been compromised, and there was nothing that they could do but pay the money and trust that the cyber criminals would hold up their end of the bargain. Holt said, “The outside cyber secutiry company told us that these clandestine hackers generally live up to their promise of not releasing the stolen information, once the ransom has been paid”. He continued, “We were told that this ‘honor among thieves’ code is generally not broken. If the promise of not releasing information after their ransom is satisfied is broken, the system stops working, because there would be little incentive for future victims to pay if they have a good reason to suspect that their data will be released anyway. So we think we’re OK with this one.”
It is a well-known fact that governments, private companies and individuals are probed 24/7/365 in the hope that a weak fruit will fall off the tree, and a computer system can be exploited for money. The good news is the vast and overwhelming majority of cyber attacks are thwarted by coding-in computer operating systems security software, and cyber monitoring by Federal and State agencies. But that’s little comfort to the extremely small percent of those who have had their computer systems and networks held-up for ransom.
Holt said, “Again, we had no choice, really. Florence just had to pay the money and move on.”
