A CITY council in Florida have announced that they will be paying a $600,000 ransom in bitcoin to hackers who have compromised their network.

The attack crippled their entire network for three weeks before the city council decided to face the ransomware fee, compromising emails and other systems which resulted in staff payments being made by cheque, and 911 dispatchers could not enter calls into computer systems.

It is believed that the ransomware infiltrated the system via email. An employee within the city police department opened an infected email, resulting in a rapid compromise of their entire network.

The council initially authorised $941,000 for new hardware in an attempt to alleviate the issue but have now decided to attempt to pay the ransom in full.

We have seen similar incidents before. Attackers responsible for a previous ransomware attack demanded $50,000, and the company decided to pay solely on the basis that if they didn’t take the risk of retrieving their data, they would have been liable for $17 million in damages instead.

MORE: Look out for dumpster divers

There is a huge risk involved in paying off ransom fees. Threat actors know how crippling their attack is and are inclined to continue to demand more payments from the business. For example, paying $500,000 to an attacker to restore your files may not work, attackers understand how important this data is to your business, and are enthusiastic to raise the price to match your demand.

This is an important lesson that hackers can cause colossal damage with a targeted attack. As a business, you can incorporate stringent security measures, but without appropriate training there is always a way in.

Take the time to secure your infrastructure while also training your staff by using security refresher training courses, or by introducing your own campaigns internally.