FLORIDA — As the FBI continues investigating the latest municipal cyberattack of Pensacola, the question for many officials is whether to pay or not to pay the ransom?

  • Pensacola dealing with cyberattack
  • 2019 bad year for cyberattacks in Florida
  • FBI and Cyber Florida experts say don't pay ransom

FBI policy says no, but in the last year Florida attacks have netted millions in ransom.

The international statistics are even more alarming.

In 2019, reported payments made by six Florida municipal governments to hackers have totaled almost $3 million.

Most of these payments are covered by cyber insurance.

For example, Lake City officials said they paid $10,000 in deductible of an estimated $480,000 ransom insurance payment.

One city, Stuart, got off without paying the ransom because they had backed up their servers.

Over the summer, the Conference of U.S. Mayors passed a resolution to not pay ransomware.

They stated it "encourages continued attacks."

Examples of other major cyberattacks the lesson learned is you end up paying anyways.

The City of Atlanta did not pay the ransom but reportedly paid out $17 million while Baltimore reportedly paid $18 million for the same situation.

Usually the cost to a city involves two categories.

There's the cost of recovery and the cost of downtime of servers which studies show are 5 to 10 times the cost of ransom, according to a 2019 Coveware report.

Cyber Florida, USF’s online security institute told Spectrum Bay News 9 there's a reason not to pay, which is in line with FBI policy.

Cyber Florida officials said there's no guarantee cities will recover completely after a cyberattack.

Cyber Florida also said you’d muddy up the investigation.

"Say they do get out of the system and such," explained Cyber Florida's Dr. Sagar Samtani an Assistant Professor of Information Systems and Decision Sciences at USF's Muma College of Business.  "It could be very difficult for a forensics expert to go in and identify exactly how the ransomware operated to what level it encrypted the files, software, the operating system and down the line."​

The Coveware report also found 2019's cyberattacks have become more complex.

At the start of the year, downtime lasted about a week.

After the midyear, it's up to a week and half.