Lake City became the second Florida city to pay a substantial ransomware demand to hackers in less than a week. Lake City, a small town with a population of 65,000, on Monday voted to pay a ransom demand of 42 bitcoins, worth nearly $500,000. Just a few days prior, another Florida city, Riviera Beach had also gone ahead with the decision to pay out $600,000 in ransom to recover locked data. “The decision to pay the ransom demand was made after the city suffered a catastrophic malware infection earlier this month, on June 10, which the city described as a ‘triple threat,’ according to a ZDNet report. Sources have reported that both incidents occurred due to an employee opening a malicious email and backup systems not working properly.

— To pay or not to pay: While most security experts advise against paying ransomware, Forrester analysts Josh Zelonis and Trevor Lyness in a research report suggest victims of ransomware should at least consider paying the ransom as a viable option. “Paying ransomware should be viewed as any other business decision.” (Larry Dignan, ZDNet)

— Ransom amounts rose 90% in Q1: The average ransom increased by nearly 90% to $12,762 in the first quarter of 2019, as compared to $6,733 in Q4 of 2018, according to a report from Coverware. “The ransom increase reflects increased infections of more expensive types of ransomware, such as Ryuk, Bitpaymer, and Iencrypt. These types of ransomware are predominantly used in bespoke targeted attacks on larger enterprise targets.”

— Downtime is the killer cost: How Much Does a Ransomware Attack Cost? While there is obviously an upfront cost for recovery of data including the ransom if paid, the often more expensive cost of ransomware attack ends up being the total cost of downtime—often 5-10x the actual ransom amount. (Coverware)