Officials at California's San Bernardino County have confirmed that the city has paid $1.1 million to attackers behind the compromise of its Sheriff's Department, which has led to the encryption of various files and the disruption of its systems, reports KABC-TV.
Only more than $511,000 has been shelled out by the city due to insurance coverage, with the payment agreed upon by the county and its insurer after negotiations with the attackers.
"The decision whether to render payment was the subject of careful consideration," said county officials.
Meanwhile, investigation into the incident continues but officials believe that phishing links may have been used by attackers to obtain initial access, which Tanium's Vivek Bhandari has been noting to be increasingly prevalent.
"The cost is pretty brutal, not just to financial but in the case of law enforcement it's the agency, the people they are serving," said Bhandari, who added that ransom payments would only prompt increased targeting from other threat actors.
Officials at the City of Augusta, Georgia, have been noted by Mayor Garnett Johnson to have not communicated with the BlackByte ransomware operation that took credit for a cyberattack against the city that commenced on May 21, according to The Record, a news site by cybersecurity firm Recorded Future.
Attacks exploiting a zero-day in the MOVEit Transfer file transfer app to compromise various servers and facilitate data exfiltration efforts have been admitted by the Clop ransomware operation, also known as Lace Tempest, TA505, and FIN11, after the intrusions have been attributed to the group by Microsoft, reports BleepingComputer.