COVENTRY, R.I. (WPRI) — Four Rhode Island cities and towns have fallen victim to ransomware this summer, according to Rhode Island State Police.
It’s part of a growing trend impacting businesses and municipal governments nationwide.
The town of Coventry is still recovering from a cyber attack it experienced in July.
The town’s public school department was hit by ransomware – malicious software that, essentially, holds data and information hostage until the owner pays a sum of money to hackers. Coventry’s insurance company negotiated with those bad actors and got their data back.
Superintendent Craig Levis tells Eyewitness News the demand was for Bitcoin, a type of digital currency that’s currently valued at about $10,000 per Bitcoin.
In the end, Levis estimates they paid less than half of the original ransom of 42 Bitcoin – to the tune of about $200,000.
He said it was less of a moral or ethical decision and more about weighing the short- and long-term costs: Pay the hackers to release the data or pay an IT company to try and solve the encryption.
“It was paralyzing,” he said.
The issue took roughly a month and a half to negotiate and Levis said they’re still feeling the effects.
In New Bedford, city officials refused to pay the $5.3 million ransom that hackers demanded. When hackers refused to accept a $400,000 counter-offer, the city decided to try and solve the problem itself.
Pawtucket didn’t pay the ransom when their fire department’s call data center was hacked in June and Newport also fell victim to a malware attack on their schools in July.
State Police declined to identify the fourth Rhode Island city or town that dealt with a ransomware attack this summer.
Rhode Island and Massachusetts are far from alone. The New York Times reported in late August that more than 40 municipalities across the country have fallen victim to such attacks.
Lt. Eric Yelle of the Rhode Island State Police Computer Crimes Unit said they’ve seen an uptick in ransomware this summer.
“It’s our largest cybersecurity issue both for private industry and for the government right now,” he said.
Eyewitness News reached out to every city and town in Rhode Island to ask if they had encountered ransomware. While the vast majority that responded said they had not been the victim of an attack, all said they were preparing should one occur.
Yelle said people should use caution when clicking on links in their emails.
He said people should hover over a link to see if it truly leads where it says, or call the person who purportedly emailed it. He also said cities and towns should backup all of their data externally.
The cities and towns that have already been hit say they’ve learned their lesson. Pawtucket upgraded the city’s data backup system, Coventry scrubbed its hard drives, and Newport beefed up security.
Other municipalities said they’ve trained staff how to spot suspicious links. Some refused to comment for this story so as not to draw hackers’ attention to their towns.
Yelle said the precautions are a good thing, though he said some municipalities might already be victims of ransomware and not even know: “Ransomware that we’ve been seeing this summer has been lying dormant for a couple of months before it activates.”