FLORIDA — As the FBI continues investigating the latest municipal cyberattack of Pensacola, the question for many officials is whether to pay or not to pay the ransom?
- Pensacola dealing with cyberattack
- 2019 bad year for cyberattacks in Florida
- FBI and Cyber Florida experts say don’t pay ransom
FBI policy says no, but in the last year Florida attacks have netted millions in ransom.
The international statistics are even more alarming.
In 2019, reported payments made by six Florida municipal governments to hackers have totaled almost $3 million.
Most of these payments are covered by cyber insurance.
For example, Lake City officials said they paid $10,000 in deductible of an estimated $480,000 ransom insurance payment.
One city, Stuart, got off without paying the ransom because they had backed up their servers.
Over the summer, the Conference of U.S. Mayors passed a resolution to not pay ransomware.
They stated it “encourages continued attacks.”
Examples of other major cyberattacks the lesson learned is you end up paying anyways.
The City of Atlanta reportedly paid out $17 million while reportedly Baltimore paid $18 million.
Usually the cost to a city involves two categories.
There’s the cost of recovery and the cost of downtime of servers which studies show are 5 to 10 times the cost of ransom, according to a 2019 Coveware report.
Cyber Florida, USF’s online security institute told Spectrum Bay News 9 there’s a reason not to pay, which is in line with FBI policy.
Cyber Florida officials said there’s no guarantee cities will recover completely after a cyberattack.
The Coveware report also found 2019’s cyberattacks have become more complex.
At the start of the year, downtime lasted about a week.
After the midyear, it’s up to a week and half.