Back to Ransomware


Riviera Beach to pay hackers nearly $600,000 to regain access to their systems.


On June 20, 2019, the city of Riviera Beach, Florida revealed that a ransomware attack had crippled the city's network. In an effort to regain access to their systems, Riviera Beach's City Council agreed to pay the attackers a ransom of 65 Bitcoin, or about $600,000.

What happened

On May 29, 2019, a City Hall employee clicked on a malicious email attachment, allowing ransomware to infect the city's systems. The ransomware affected both email and emergency response systems, meaning employees were left to complete subsequent administrative tasks on paper.

The city hired an external cybersecurity firm to assist with the attack; the firm recommended the city pay the attacker's ransom to get its system restored, since the ransomware fee will be covered by the city's insurance. However, the FBI does not encourage paying ransoms, because there have been many occasions where organizations have not received the decryption keys even after the ransom has been paid; plus, seeing organizations cave to ransomware demands encourages cybercriminals to continue performing these types of attacks in the future.

After the attack, the city decided to spend nearly $1 million to replace its computers and other hardware to enhance its security. The Riviera Beach attack occurred just a month after the city of Baltimore also suffered a similar infiltration to its network.

Cyberattacks can be costly. If you want to avoid disasters like these and the negative news headlines that come with them, invest in a tool like ManageEngine DataSecurity Plus that can secure data and mitigate ransomware attacks. Download a 30-day, free trial of ManageEngine DataSecurity Plus today.

Check out these eight best practices to avoid cybersecurity attacks, and protect your organization.

How ManageEngine DataSecurity Plus can help

    DataSecurity Plus is an automated ransomware threat identification and mitigation solution that:

    Generates real-time alerts when an attempted ransomware attack is detected. The main indicator of a potential ransomware attack is an unusual amount of changes to files and folders. DataSecurity Plus monitors the frequency of file modifications by each user and issues alerts whenever the number of modifications crosses a specified threshold within a set period of time. Every alert includes the username, source, date, and time of the incident along with any other parameters that might indicate further investigation is warranted. Download our free Ransomware Prevention Kit.

    Offers a customizable and automated response system to quarantine ransomware attacks. DataSecurity Plus uses a built-in ransomware detection and response mechanism to lock down infected devices, and prevent ransomware from spreading to storage devices or network systems. You can also set up your own automated responses, like the execution of a custom script file, to quickly respond to ransomware attack alerts.

    Learn how to prevent ransomware attacks in our e-book featuring best practices from the FBI.

    Simplifies forensic analysis. DataSecurity Plus generates customizable, in-depth, audit-ready reports on all file-related changes, access attempts, events, and share permissions.

    Try out all of DataSecurity Plus' features yourself by downloading a free, 30-day trial.


Stay In The Know

Thank you

You will receive weekly cybersecurity news soon!

  • Please enter a business email id
    By clicking 'I'm Interested', you agree to processing of personal data according to the Privacy Policy.

2022 Zoho Corporation Pvt. Ltd. All rights reserved.