Officials from Lake City, Florida, have fired an IT employee last week after the city was forced to approve a gigantic ransomware payment of nearly $500,000 last Monday.
The employee, whose name was not released, was fired on Friday, according to local media reports [1, 2], who cited the Lake City mayor. The city’s IT manager is also planning to revamp the town’s entire IT department to prevent a similar incident from happening in the future.
AFTERMATH OF THE “TRIPLE THREAT” ATTACK
Lake City’s IT network was infected with malware on June 10. The city described the incident as a “triple threat.”
In reality, an employee opened a document they received via email, which infected the city’s network with the Emotet trojan, which later downloaded the TrickBot trojan, and later, the Ryuk ransomware. The latter spread to the city’s entire IT network and encrypted files. Hackers eventually demanded a ransom to let the city regain access to its systems.
The city’s leadership approved a ransom payment last Monday, which was paid the next day, on Tuesday. The city’s IT staff started decrypting files on the same day. At the time, Lake City was the second Florida city to pay a gigantic ransom demand to a ransomware gang. The first was Riviera City, who paid 65 bitcoins ($600,000) the week before Lake City.