The San Bernardino County Sheriff’s Department has confirmed that it paid a $1.1 million ransom to restore full functionality to its systems following an April ransomware attack. The ransomware attack caused the department to temporarily shut down some of its systems to prevent the threat from spreading.
Despite the FBI’s advice against paying ransoms, the department likely had no other option but to pay to recover the encrypted systems and secure any breached data.
The ransom was reportedly paid through cryptocurrency, which has raised concerns about who the money went to. The director of USC’s Center for Computer Systems Security, Clifford Neuman, stated that when paying through cryptocurrency, “you don’t know who you’re paying it to,” and it could be a sanctioned entity such as Iran or North Korea, or a terrorist organization.
The ransomware gang behind the attack is believed to be from Eastern Europe and has previously targeted U.S. entities.
Cybercriminals frequently target cities, hospitals, and school districts due to their poor defense and sensitive data.
The investigation into the ransomware attack is still ongoing, and the incident serves as a reminder of the growing threat of cyberattacks and the importance of implementing robust cybersecurity measures to prevent such attacks.
