Town Avoids Paying Massive $5 Million Ransom In Cyberattack

When the city of New Bedford, Mass., was hit by a ransomware attack in July, with hackers demanding $5.3 million in bitcoin to release the city's data, town officials tried an old law enforcement tactic to deal with hostage-takers: open dialogue and stall for time.

New Bedford's computer network was attacked with Ryuk ransomware on the night of July 4, Mayor John Mitchell told reporters on Wednesday. Because the attack occurred over a holiday and most computers were shut off, the malware spread to just 4% of the city's more than 3,500 computers.

That was the first lucky break.

After IT personnel discovered the attack the next day, city officials contacted the anonymous hacker through an email address provided and were told to pay the ransom — one of the largest-ever known demands for such an attack — in exchange for a decryption key to unlock the city's data.

Mitchell said he was initially opposed to talking with the attacker, a position most cybersecurity experts recommend. Experts say paying the ransom can encourage hackers to launch other attacks or repeated strikes against a city that paid up.