Ransom paid by California county following sheriff’s office cyberattack

Officials at California's San Bernardino County have confirmed that the city has paid $1.1 million to attackers behind the compromise of its Sheriff's Department, which has led to the encryption of various files and the disruption of its systems, reports KABC-TV. Only more than $511,000 has been shelled out by the city due to insurance coverage, with the payment agreed upon by the county and its insurer after negotiations with the attackers. "The decision whether to render payment was the subject of careful consideration," said county officials. Meanwhile, investigation into the incident continues but officials believe that phishing links may have been used by attackers to obtain initial access, which Tanium's Vivek Bhandari has been noting to be increasingly prevalent. "The cost is pretty brutal, not just to financial but in the case of law enforcement it's the agency, the people they are serving," said Bhandari, who added that ransom payments would only prompt increased targeting from other threat actors.