The Asian Art Museum silently endured a ransomware attack in May, but they swear they didn’t pay up.
There have been roughly a dozen ransomware cyberattacks on U.S. city computers systems over the last few years, where hackers essentially shut down the city employees' computers and demand some sort of cryptocurrency payment to restore them. Unfortunately, most victims just pay it and move on. But apparently one San Francisco nonprofit was recently hacked, and it looks like the city’s IT team came through to wrest control from the hackers. ABC 7 first broke the news Tuesday that the Asian Art Museum Museum had been hit in a ransomware attack that disabled part or all of the museum’s computer systems. Their network was reportedly restored without incident, and a representative told the station that “everything is now fine."
It’s unclear how much the hackers demanded, how long the system was disabled, or whether any information or data was compromised. Museum officials reportedly contacted police, and the city’s IT security personnel apparently found a workaround to restore the system.
"I want to make it very clear the City of San Francisco is not going to pay ransom. We don't believe in taking taxpayer dollars to fuel criminal enterprises," city administrator Naomi Kelly told ABC 7 in a follow-up report. "We have purchased cybersecurity insurance to make sure in the event of a hack or ransomware attacks, that we can replace our hardware quickly."
The attack was apparently confined to the Asian Art Museum’s computer systems, and did not hit anything at City Hall, across Civic Center Plaza. It’s a pretty minor cyberattack compared to what other cities have endured thus far. The city of Baltimore had its computers held hostage for weeks in a ransomware attack earlier this year, and ABC 7 also reports that the Florida town of Riviera Beach was forced to pay a ransom of 65 bitcoins (roughly $600,000) last month.
“It has re-elevated the conversation at City Hall, whether we're prepared, whether we have the right protocols in place," Sup. Aaron Peskin told ABC 7. "We are prepared for cyber attacks. We are prepared for ransomware attacks.”
The city's computers have, in fact, suffered a malicious cyberattack in the past. You might remember the 2008 case of Terry Childs, a San Francisco IT administrator who froze the city’s computers by creating a new systemwide password that only he knew. Childs was acting out in retaliation for an attempted firing for poor job performance. Then-mayor Gavin Newsom was able to coax the password out of him in a secret jailhouse visit that was unknown even to then-district attorney Kamala Harris.
Related: Stick-Wielding Woman On The Loose Near Asian Art Museum [SFist]
Image: Christ Yunker via Flickr