The City of Santee has paid a third-party company $603,000 following what it calls a "cybersecurity incident" on Aug. 20.
According to a statement sent from the city to NBC 7, the attack impacted the computer network that services administration offices, but “there was no impact to any systems that support 911 services, and the outage did not cause any public safety issues.”
They added that the city remained open for business and that it brought in “certain third parties” to help. According to an agenda item for Santee City Council’s Sept. 25 meeting, $603,000 was paid to a company called Coveware on Sept. 10. On their website, Coveware refers to themselves as “ransomware recovery first-responders.”
“They offer different services, like ransomware negotiation, payment facilitation, responding to the incident and helping with recovery,” Nikolas Behar, an adjunct professor of cybersecurity for the University of San Diego, told NBC 7.
Get top local stories in San Diego delivered to you every morning. >Sign up for NBC San Diego's News Headlines newsletter.
While Behar may not be familiar with the details of this particular incident, he shared insight based on his experience. When asked about the payment made by the city to the company, he said, “There’s no way for us to tell what they actually did with that money. Six hundred thousand dollars seems like a lot for an incident response, so, not 100%, but it wouldn't surprise me if some of that money actually went to pay the ransomware crew.”
Behar explained that hackers are often part of larger, very organized organizations much like the companies they are attacking, and they’re rarely in the U.S. When it comes to who they choose to target, he said, they are constantly scanning the internet for vulnerabilities, and when they find one, they hold the owner's data hostage.
The city said it is investigating what information may have been compromised as well as what led up to the incident but that it could take weeks or even months to complete its probe, which is not an unusual timeline for this sort of thing, according to Behar.
Local
Behar added that, if anyone is concerned they may have been impacted, he suggests, freezing "their credit to prevent people from opening accounts on their behalf with any personal identifiable information that may have been leaked.”
NBC 7 asked the city of Santee for more information on the incident, as well as details on what part of the budget the $603,000 payment came from, but officials have declined to share further information at this time.
This is a developing story.