Detroit – During a speech at the North American International Cyber Summit, held in Detroit Michigan, mayor Mike Duggan made a startling revelation noting the city had fallen victim to a severe cyber attack. Detroit’s entire city database was encrypted and held for ransom back in April, demanding over $800,000 to release the files.

Duggan said the city database was taken over by ransomware, being held hostage demanding a whopping 2,000 bitcoins, an anonymous digital cryptocurrency. At the time of this article, a BitCoin is worth roughly $401.75, making the ransom fee come out to a massive $805,005. Duggan assured attendees the ransom was not paid as the database is not essential to the city.

“It was a good warning sign for us,” Duggan said at the third annual cyber security summit.

Duggan also revealed that a key person involved in Detroit’s historic bankruptcy case was the recent victim of a cyberattack, noting unknown individuals sent threatening emails to the unnamed man after hackers took a “significant” amount of money from a personal checking account.

Duggan said the attack was one of several the city had endured, giving examples during his talk while noting the city’s lack of updated technology and security. Duggan noted a number of outdated technologies, referring to the fact that the city’s Microsoft Office suite was outdated by 10 years.

The city is said to be in the midst of improving technology and implementing better security standards, including faster email systems among other updates the mayor said.

“We’re in the early stages of ramping up,” he said. “The stakes in play in the state and in the country are enormous.”

Other keynote speakers at the summit included Governor Rick Snyder, former Homeland Security Secretary Michael Chertoff, military leaders and private-sector analysts. As the summit is ongoing, speakers from around the world will talk about growing cybersecurity trends and the best practices to implement, information the City of Detroit is desperately in need of.

The theft of data and security intrusions can be costly to both businesses and the government. According to newly revealed information, the Michigan government alone suffers over 500,000 computer intrusion attacks a day, including web spam, common browser attacks and network intrusion.

Gov. Snyder related the newly “connected world” to self-driving cars in his keynote speech Monday, saying the world is becoming more vulnerable to attack.

“Twenty years from now, your car is going to be driving itself,” Snyder said. “The vehicle will be talking to other vehicles, making decisions on when to stop and when to brake.”

Noting hackers could gain unauthorized access to that device and control it from a remote location. “The risks we have today are only going to dramatically increase,” he said.

Snyder believes businesses and nonprofit organizations are more vulnerable to attack than the government. Saying it’s easier to cause damage while moving through the private sector.

Snyder stressed civilian involvement to combat the large swath of cyberattacks that have been launched at businesses around the globe. “We need to get everyone involved, not just the government,” he said. “It’s the private sector, the individuals all learning more about cyber security.”

Synder also unveiled the ‘Michigan Cyber Initiative 2015’ while at the summit, a set of steps outlining security measures the state needs to take against the growing cyber landscape.

Just last year in 2013, the City of Detroit filed for bankruptcy, due to the city’s exceeding debt of $18-20 billion. Making it the largest municipal bankruptcy filing in U.S. history by debt.

Why would hackers attack one of the poorest city’s in the United States? From reports thus far, the malware that took the system for ransom did not appear to be commercial malware, such as cryptowall or other known ransomware. General ransomware fee’s to release files start at $500 and range up to $800.

Due to the large amount of money hackers requested from Detroit, we believe this was an extremely targeted attack, as no company has publicly revealing being hit with ransomware exceeding these fee’s.

Due to Detroit not having the money, they have claimed the database was of no use and will choose to wipe the systems instead of trying to fix it.

Sources:

The Detroit News