Valtx Cyber Security — Lake City fires IT Director after paying ransom in malware attack

Lake City fires IT Director after paying ransom in malware attack

The city manager of Lake City, Joe Helfenberg confirmed that the director of information technology, Brian Hawkins, was fired.

This decision comes after a "Triple Threat" cyber attack that disabled city servers, phones, and email that resulted in ransom.

Lake City paid $460,000 in ransom for a cyber attack through the cyber cryptocurrency, Bitcoin.

Helfenberg will update the city council about the recovery of their encrypted files at a city council meeting Monday evening at 6 p.m. He estimates that the city should make a full recovery from the attack in about two weeks.

Lake City's online systems were compromised about three weeks ago by malware attackers. This week the city agreed to pay the ransom requested by the attackers. But one cybersecurity expert says paying the ransom is not a good idea.

Rod Wiggins is the owner of Computer Network Experts which is based in Gainesville.

He says he's worked with several companies that were victims of a ransomware attack and never advised his clients to pay a ransom.

"Paying the ransom is a bad precedent to set because now there's this idea that we can get away with it and make money," said Wiggins.

Lake City recently experienced a malware attack and approved for their insurance company, Florida League of Cities, to pay 42 bitcoins which was valued at $460,000 at the time.

The city paid a $10,000 deductible for the decryption key to restore their online systems. It was confirmed Friday that this resulted in one IT member being fired.

"Our city manager did make a decision to terminate one employee and he is revamping out whole it department to comply with what we need to be able to overcome what happened this last week or so and that's so it doesn't happen again," said Lake City Mayor Stephen Witt.

While Lake City officials told TV20 that their investigation is ongoing, Wiggins doesn't believe they'll be successful in tracking down the attacker.

"Because they used the Bitcoin to collect this money, the Bitcoin is not traceable so once you make this ransom payment, it's not like the authorities can hunt these people down, and a lot of these people are from eastern block countries or non-extradition countries so even if we know who they are we can't go get them," said Wiggins.

Mayor Witt says the decryption key has been working and that administration is hoping to be fully restored in the upcoming days.

For the past two weeks, in Lake City, many systems such as emails and telephones have not been operating due to a malware attack. The only department not affected was police and fire, because they operate on a different server. As time went on, city officials were faced with one solution.

This month Lake City administrators noticed things going wrong with their network. It was soon revealed that lake city had become the victim of a cyber attack known as "Triple Threat".

" IT staff have been working with a third party cyber security vendor as well as the Florida League of Cities, who is the insurance provider for the city to try and recover as much as they can," said Michael Lee, Lake City police department spokesperson.

There were several attempts to get the networks back up and running but there was no luck.

"It would be to try to either to retrieve it through unlocking the information or recovering it some other way and neither of those options is very good or very easy and not very cost effective," said Mayor Stephen Witt.

Comments are closed for this article.