Cities under siege and all of their citizen's data held for ransom.
Last month, hackers crippled the city of Atlanta, taking control of computer servers and knocking out public services.
Hackers demanded $51,000 in bitcoin from the city. The city refused to pay, but shelled out $2.6 million to recover. Weeks later, Baltimore was also targeted.
The FBI said ransomware attacks are on the rise.
“People are becoming more and more savvy about how to extort this money,” said Netragard CEO Adriel Desautels.
Desautels is a former hacker-turned-CEO of computer security firm Netragard.
He said all it takes is one city employee to click on a phishing email and a central server is attacked, locking all of the data.
“The value of the information that's contained by the various states and even cities is arguably even higher than the information held by most companies, I think,” Desautels said. “You look at the ransomware affecting Atlanta or any of the recent ones there spreading by weak passwords, there spreading by known vulnerabilities.”
The attacks are also hitting smaller cities, which can have a much bigger impact.
Often municipalities don’t have the resources like a bank or a big company to fight off a cyber assault and when it comes to disrupting lives, an attack on a city or town can be devastating.
The data hacked can be a city's lifeline, from tax payments and traffic lights to payroll, waste-water treatment, 911 calls and trash collection.
If it's networked, it's vulnerable.
Some cities have a strict no-ransom policy.
“There's no guarantee you’re going to get your data back from the hijackers,” said Deputy Chief Information Officer City of Worcester, Massachusetts, Eileen Cazaropoul. “Once you pay it and also it kind of sets a standard that your willing to pay and it shows the hackers they can keep doing that.”
TRENDING STORIES:
The city of Worcester has several layers of network security, including an email system that blocks traffic from certain countries.
“It's not actually expensive to get some machines up to automatically update and just use some good anti-virus as an example,” said Lee Rossey, co-founder of Simspace, a Boston-based cybersecurity firm.
Rossey said no network will ever be 100 percent secure, but employee training, network separation and good back-ups can reduce risk.
“So one way to kind of avoid that one is don't open suspicious email, have good anti-virus and have good things on your network that are looking for that,” Rossey said.
Because what happened in Atlanta will happen again - the only question is when and where.
The strain of ransomware Atlanta fell victim to is known as Samsam.
Samsam hackers have already extorted more than $1 million from organizations already this year.
Cox Media Group
