The City of Waynesboro said the recent BianLian ransomware attack on the city wasn’t the first. The most recent attack was on fileserver data including files from the police department, public relations and City Council members.
AFP reached out to Waynesboro City Manager Mike Hamp to follow-up and asked about past issues with cyber attacks, money spent on ransom, as well as costs associated with online security for Waynesboro.
“The city did experience a cyber attack about four years ago, Hamp said.
No further details of the extent of that attack were provided by Hamp.
A source told AFP that the city had previously paid a $1,500 ransom in one of the attacks.
However, Hamp disagreed.
Ransoms are often paid when a cyber attack involves locking the organization out of their own computer systems – and won’t unlock them until a ransom is paid. Sometimes, a ransom is paid to avoid data being released online on the dark Web.
“To my knowledge, the city has never paid a ransom,” Hamp said.
Hamp has served as City Manager since 2008.
As far as what the city has done to combat additional attacks, Hamp said “improving system security is an ongoing and rapidly evolving process.”
Hamp did not have an estimate for what the city spends for online security measures – or a number of how many attacks there have been since his tenure with the city began.
Emsisoft threat analyst Brett Callow told AFP that he believes it’s important for cities to make timely and accurate disclosures so those affected can be on the lookout for spam and scams.
While Hamp said city officials were notified of a possible breach in January, no information was provided to the public until after AFP reported the cyber attack on March 6.
“The decision to communicate publicly will depend on the impact of a particular incident to operations, and other factors,” said Hamp.
Related stories
Waynesboro City Manager confirms digital infrastructure was stolen, posted online
Ransomware group claims it has infiltrated Waynesboro city government, police data