U.S. mayors resolve to no longer pay ransomware attackers

The United States Conference of Mayors issued a resolution at its 87th annual meeting to stand united against paying ransoms when their municipality is hit with a ransomware attack.

The organization stated in its resolution that paying ransoms merely encourages others to conduct similar attacks by showing there could be a financial benefit, and that it behooves municipal governments to de-incentivize these attacks to prevent further harm. The Conference of Mayors is comprised of mayors representing cities with more than 30,000 residents.

“NOW, THEREFORE, BE IT RESOLVED, that the United States Conference of Mayors stands united against paying ransoms in the event of an IT security breach,” the resolution stated.

The resolution was introduced by Baltimore Mayor Jack Young and co-sponsored by Las Vegas Mayor Carolyn Goodman. Baltimore was victimized in May by a massive Robbinhood ransomware attack that effectively shut down city operations. Young refused to pay the $76,000 ransom, but the city is now estimating it will cost $18 million to fully recover from the incident.

Atlanta found itself in a similar situation in 2018 after it was hit with SamSam ransomware and faced recovery costs hitting the $17 million mark.

Prior to the resolution passing, two Florida Cities, Riviera Beach and Lake City, paid ransoms of $600,000 and $460,000, respectively, to regain access to their systems. Riviera Beach Mayor Ronnie L. Felder is a member of the Conference of Mayors, but it is not known how he voted on this resolution.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.