The city stated that it would not pay the ransom and would restore as much data from backups as possible.
Employees have been performing as much work manually as possible in the meantime. This frequently entails preserving handwritten documents that are then transferred to databases once the systems are operational again.
Yonkers government ransomware assaults are nothing new. You may recall that the City of Baltimore was the target of one of the most catastrophic ransomware attacks of all time in 2019.
The city was shut down for more than two weeks before the government’s services were restored, costing the city more than $18 million in lost revenue.
Despite Baltimore’s decision to ignore cyber security experts and the FBI’s advice not to pay the ransom, many individuals questioned the city’s judgment given the magnitude of the harm.
“If we paid the ransom, there is no guarantee [the attackers] can or will unlock our system,” Mayor Bernard C. Jack Young responded to the critics.
He continued, There’s no way to track the payment, and we have no way of knowing who we’re sending money to. There’s no way of knowing if they’ve left more malware on our machine to hold us for ransom in the future because of the way they sought payment.
In the end, we’d have to take all of the precautions we’ve taken to create a safe and secure environment. I’m confident that we’ve chosen the appropriate path forward.
After other cities in the US were targeted by ransomware and elected to pay up, Mayor Young was vindicated. As a result, a series of attacks occurred in 2019, with two Florida cities paying $500,000 within a week of each other.
The attack on a third city prompted the United States Conference of Mayors to convene.
The gathering of mayors in the United States resulted in a unanimous decision to cease paying ransom demands.
The mayors added, “Paying ransomware attackers encourages continued attacks on other government systems since culprits profit financially.”
“To prevent further harm, the United States Conference of Mayors has a vested interest in de-incentivizing these attacks,” they concluded.
When New Orleans was attacked a few weeks later, the philosophy was put to the test. City officials, on the other hand, kept their word and implemented a disaster recovery plan to assist limit the damage.
Soon after, cyber thieves got the word, and attacks on municipal government in the United States began to decline. However, two years later, we’re seeing a resurgence of attacks.
To guarantee that they are prepared for the potential of an attack, local governments must develop an incident response plan.
The City of Yonkers acknowledged that the malware had been quarantined on the network, that no ransom had been paid, and that the Department of Homeland Security had been alerted.