Suffolk Cyberattack: Report Examines If Paying $2.5M Ransom Was Better

HAUPPAUGE, NY — As Suffolk officials continue to grapple with the cyberattack that has all but crippled county government since September, costing an estimated $5.4 million and is expected to cost up to $17 million in restoration efforts, some are questioning whether the $2.5 million ransom should have been paid, Newsday reported.

Though a group of experts told the news outlet that they normally advise against paying hackers off, they noted a full recovery can take a long time and also be costly, as it has for Suffolk.

Speaking in a general sense, George Pavel, vice president of data recovery and security firm, SalvageData, said that clients who have good systems in place, usually don't have to wait four to five months for the restoration of a network, the outlet reported.

Pavel also noted for the outlet that Suffolk’s computer networks encompass several departments, as well as levels of government, which is much more complicated than most business networks.

Other firms are not against paying ransom to hackers.

Palo Alto Networks, which is Suffolk's security contractor, has a record of negotiating and paying ransoms, saying its "been involved in more than 650 cases involving ransomware," and of those cases, it has negotiated payment in over 300 of those cases, Newsday reported.

Patch has reached out to Bellone's office for comment.

At a December news conference announcing the results of the county's initial investigation, Bellone explained why he was against paying the ransom, saying that there was "no guarantee that the criminal actors will honor their commitment or that they won't come back later to extract an additional demand."

"But more important, we don't know who these criminal actors are," he said. "Are they terrorists? Are they engaging in sex trafficking? Are they engaged in activities that are hostile to our nation's interests?"

For more in Newsday, click here.

Suffolk government's web-based applications were breached on Sept. 8 in what officials later described as a ransomware attack. Officials announced late last month that the driver’s license numbers of nearly 500,000 people, who were issued violations in the county's police district, meaning the area patrolled by Suffolk police outside villages, were possibly exposed.

The personal information of current and former employees was also exposed.

County officials have since made available credit monitoring and restoration services for those affected.

RELATED STORIES:

• Cyber Expert Says Suffolk Hackers Could Have Had Another Entry: Report
• 5 Things To Know About Preliminary Suffolk Cyberattack Probe
• Suffolk Cyberattack Hackers Demanded $2.5M: Bellone
• 'Zombie House' Demos Stalled In Brookhaven Over Cyberattack: Officials
• Suffolk Offers Free Credit Monitoring To People Exposed In Cyberattack