It’s an interesting calculation; pay the ransom or attempt to restore by yourself (assuming you have viable backups). It looks like this city in the US fell back on its insurance and took the pay-up route…:
The City of Stratford paid just over $75-thousand to have its systems restored following a cyber incident in April.
That information is contained in a Question and Answer document the city released on Thursday afternoon detailing the attack.
In a timeline also provided, officials, say that prior to April 14th, an attacker gained access to the city’s environment through an unconfirmed entry point and they started to encrypt the city’s systems at 8 a.m. on April 14th.
Officials say that the city’s servers were disconnected from the internet at 1 o’clock that afternoon in order to contain the incident and that Deloitte was contacted at 2 p.m. to provide cyber incident response services.
Both the Stratford Police Service and the OPP Cyber Crime Unit were advised about the cyber incident soon after it was discovered, according to officials, and negotiations were initiated with the attacker to restore access to the systems.
They say the attacker asked for a payment of Bitcoins, which is a digital currency, in return for the decryption keys to unlock the system.
A total of ten Bitcoins, valued at $7,509.13 each at the time, working out to a total payment of $75, 091.30 was paid by the city.
The city has cyber insurance in place, with a deductible for the coverage $15-thousand, and officials say a claim has been submitted for all costs from the attack, including the ransom amount.
On April 29th, officials say the city returned to normal business operations and they say no personal information was disclosed during the attack.
A police investigation into what happened continues.
You can click here to view the documents released by the City of Stratford.