EAST GREENWICH, R.I. (WPRI) — A click of a mouse might have cost the town of East Greenwich tens of thousands of dollars.
Town Manager Andrew Nota said at a council meeting Monday a ransomware attack on town computers last Thursday afternoon “critically disrupted” their systems. Ransomware is a type of malicious software that hackers use to lock up data, essentially holding it hostage until the victim pays a sum.
East Greenwich didn’t pay the ransom, which has not been disclosed by town officials. Nota said it will take some time to get everything back to normal, but praised his team for quickly identifying and addressing the problem.
Morgan Wright, chief security advisory at California-based cybersecurity firm SentinelOne and a senior fellow at the Center for Digital Government, said municipal governments can be a lucrative target for hackers.
Last summer, hackers used ransomware to demand more than $5 million from New Bedford, a sum the city refused to pay. Coventry decided to negotiate with hackers when their school department computers were hit, paying an estimated $200,000 in the cryptocurrency Bitcoin.
Wright said it’s never a good idea to pay, citing a SentinelOne study that found a quarter of those who did pay the ransom didn’t get their data back, and the majority were hit again.
“It goes back to that old saying ‘there is no honor among thieves,’ and these folks are thieves,” he said.
While East Greenwich hasn’t given in to the hackers’ demands, getting their data back isn’t something that comes for free. Nota said the community has insurance to cover incidents like this, but the deductible is $50,000. Now town officials have to figure out exactly how much it’ll cost.
Wright said it’s important for municipalities to invest in good protections upfront, spending taxpayer dollars wisely before hackers try to get their hands on the money.
“You’re going to pay one way or the other: either you pay the money now to secure your systems, or you will pay later to recover and still spend that amount of money plus a whole lot more,” he said.
With 2020 just weeks away, Wright is concerned about a possible ransomware attack during the presidential elections.
“How much money would a state be willing to pay on election night if all of their results were held hostage?” he posited. “We don’t even have to touch a single voting machine, but what if I could get to the central database to where all of the results for a presidential election came in?”
Rhode Island Secretary of State Nellie Gorbea said the state’s elections systems are fortified against this type of hack.
“Rhode Island uses several layers of security to protect election results,” Gorbea said in a statement. “Our voting machines physically print results after the polls close. Each machine also encrypts results onto a USB drive that’s kept under lock and key. And most importantly, we use voter-marked paper ballots – the gold standard in election security.”
Wright said the best way to protect yourself against ransomware is to have good technical hygiene — use two-factor authentication, enable virtual private networks or VPNs on public Wi-Fi servers, and never open a link or attachment you’re unfamiliar with.