Baltimore Paid Ransom, Yonkers Refuses to Pay
Yonkers Rising has learned that the City of Yonkers has been the victim of a ransomware attack and for the period of the past five days, City Hall and its employees have been without their computers. We have also been told by city officials with knowledge of the situation, that Yonkers will NOT pay a requested ransom to unlock their computer servers, and instead has spent the past week trying to upload as much data as possible from their backups.
Ransom-hacking is nothing knew to small governments and school districts across the country. Last year, the Yorktown and Croton-Harmon school districts in Westchester County had their computer systems hacked by a cyber security attack coming from someone seekiing to get a payment to remove the ransomware that froze both systems.
The Yorktown schools were forced to temporarily shifted from a hybrid learning model to all-remote lessons after its district shared news of a cyberattack on Oct. 12.
The ransomware attack encrypted data on the Yorktown Central School District’s networks, forcing officials to restore servers from backups and go room-to-room to reimage devices. The Croton-Harmon school district also faced a similar attack in 2020. Both school districts did not pay the ransom, and insteaqd were able to restore their system from data backups.
That is what the City of Yonkers is doing, but it is a tedious process. The City of Baltimore, Maryland has fallen victim to cyber-ransom attacks more than once. In 2019 Baltimore refused to pay a $100,000 Bitcoin ransome, resulting in city employees locked out of their accounts and for two weeks. Homeowners were unable to pay their property tax bills and parking tickets. A 2018 attack on Baltimore froze the City’s 911 emergency call center,.
Ransomware attachs on US corporations have occured over the past few years, the biggest one coming in 2017 called WannyCry, which the US Government blamed on North Korea, who according to published reports, has a government sponsored ransomware operation that gets payments in Bitcoin.
There has been no comment from Yonkers City Hall. We were contaced by more than one of our sources in City Hall, who reported that all employees have been without their computers from Monday September 6-Friday September 10. According to our same sources, City Hall is hoping to have all computers operating again on Monday September 13.
There is no standard playbook for local governments and school districts on how to handle ransomware attacks and demands. Some pay and some don’t pay. Daniel Tobok, CEO of Cytelligence, said that in his experience helping 500 municipalites, sometime the ransom is paid off, sometimes it is not. But after a certain number of days, “you don’t have a choice and you have to make a business decision.”
Sometimes that business decision is to hire a cybersecurity expert to negotiate with the cyber criminals. That is not what is happening in Yonkers, according to our information.
