Baltimore is weeks into a ransomware attack
What happens when a city isn't properly protected against cyber attacks? The city of Baltimore is finding out the answer to that question now, weeks into a RobbinHood ransomware attack that started on May 7.
The attack appears to have started in Baltimore's Department of Public Works, which reported that their email, phones, and other systems were cut off in the early hours of May 7. The Office of Information Technology then ordered that all non-emergency systems be shut down in order to stop the attack from spreading.
Ransomwares is a type of cyber attack where criminals take over a device and then demand a ransom for its return. Ransomware attacks can be delivered via emails infected with malware, phishing attacks, and through fake websites that get people to enter personal information. If the person or organization being attacked refuses to pay the ransom, the cyber criminals may delete all of their data.
While Baltimore's 911 and fire services haven't been affected by this ongoing attack, a huge array of "non-essential" services are out of commission or have switched to inefficient paper methods. Those include water bills, parking tickets, red light and speeding camera citations, and closings on real estate deals. The newly appointed mayor - who took office just before the attack - has said that they're not sure when all city services will be restored.
"I am not able to provide you with an exact timeline on when all systems will be restored. Like any large enterprise, we have thousands of systems and applications. Our focus is getting critical services back online, and doing so in a manner that ensures we keep security as one of our top priorities throughout this process. You may see partial services beginning to restore within a matter of weeks, while some of our more intricate systems may take months in the recovery process… we engaged leading industry cybersecurity experts who are on-site 24-7 working with us.
Some of the restoration efforts also require that we rebuild certain systems to make sure that when we restore business functions, we are doing so in a secure manner."
The cost of cleaning up the attack - as well as the ransom itself - will fall on taxpayers as ArsTechnica reports that the city doesn't have cyber attack insurance. That's despite the fact that they were warned about the necessity of that type of insurance last year, when the Baltimore information security manager requested that a policy be included in the budget. However, no policy was purchased and no training was conducted to help city employees be more secure.
The city of Baltimore is working with the FBI to catch the attackers. In the meantime, other cities may want to take note. It's probably past time to get that cyber attack insurance.Share this post
Install Tenta Browser Free!
Start protecting your online privacy today with Tenta Browser.