STUART, Fla.-- Riviera Beach is not the only local city that has been hacked. The city of Stuart faced the same kind of cyberattack in April.
"Our servers were being encrypted," says Stuart City Manager David Dyess. "They basically take your files and encrypt them, so they’re unusable, kind of like locking the files, so you can’t use your own data and software."
Dyess says lucky for them, an IT worker putting in some weekend overtime spotted the attack. "Fortunately we caught them in the process and was able to stop it before it was completed," said Dyess.
That meant the hackers weren't able to get to all of the city's backups, before it was too late.
"It's always better if you can recover out of something like that without paying. You don’t want to pay a criminal to do a criminal act," said Dyess. "If all of your stuff is encrypted and you have no ability at all to recover your data, the consideration of paying for a decryption key becomes a lot stronger in your mind."
Dyess says Stuart's hackers still demanded money through bitcoin, transactions intended to be anonymous.
"When you pay by bitcoin they can transfer to other wallets that are encrypted and it becomes harder to track the person who that money ends up going to," said Dyess.
Dyess says he can't say how much they asked for, because it's under investigation. He said preparation is key for an attack like this.
"Invest a lot into your backup and recovery. Try to stay ahead of that game and knowledgeable on like the philosophy of 3-2-1 backups which is 3 copies of backups, 2 different locations, 1 off site, employing that throughout your organization is very important," said Dyess.
Dyess says their preparation saved them hundreds of thousands of dollars.