For the second time in just over a year, Baltimore has fallen victim to a major cyberattack. Last year, hackers targeted the city’s 911 emergency system, but this time around, the city government’s files are being held hostage by ransomware.
First things first, if you live in the Baltimore area, vital emergency systems like 911 and 311 remain operational. However, most of the city’s servers were shut down as a precaution after the attack, and officials are unsure when they’ll be fully operational again.
Baltimore City core essential services (police, fire, EMS and 311) are still operational but it has been determined that the city’s network has been infected with a ransomware virus. City employees are working diligently to determine the source and extent of the infection.
— Mayor Bernard C. Jack Young (@mayorbcyoung) May 7, 2019
Essentially, hackers have infected the city government’s computers with what was identified in a press conference by as “the very aggressive RobbinHood ransomware.” It’s also been confirmed that it’s a relatively new variant of the malware. During the press conference, city officials were unable to answer exactly how the ransomware was spread, citing an ongoing federal investigation.
According to a Baltimore Sun report, the ransomware works by employing a “file-locking” virus to encrypt files, which are then held hostage. The Sun also reports that in a ransom note, hackers demanded the city pay 3 Bitcoin (about $17,600) per department, or 13 Bitcoin (about $76,280) for the entire city.
The hackers also reportedly demanded the ransom be paid within four days, at which point they warned the price would go up. After 10 days, the hackers say the files will be irretrievable, according to the Sun.
So far, multiple Baltimore city departments have been affected by the shutdown. The Department of Public Works tweeted early Tuesday morning that its emails were offline and that customer service phone lines were inoperable. As a result, it’s suspended late water bill fees as many citizens remain unable to pay their bills. The Baltimore Police Department and the Department of Transportation have also been reported to have issues with their email and phone systems. Meanwhile, multiple City Council hearings have also been canceled.
The email outage has also taken down phone lines to Customer Support and Services, so for now we're unable to take calls to discuss water billing issues. Sorry for the inconvenience.
— BaltimoreDPW (@BaltimoreDPW) May 7, 2019
In the meantime, Baltimore is resorting to the good, old-fashioned telephone to handle requests—even though some departmental phone lines aren’t exactly working. The Office of the Inspector General, for instance, tweeted an alternative number that people could call as its usual number was rendered inaccessible.
“We just have to revert back to manual,” said Baltimore Mayor Bernard C. Jack Young at today’s press conference. He added that if the problem persisted longer than expected, he might have to ask city employees who can’t do their work to be “go out and help us clean up the city.”
Aside from technical difficulties, the OIG is still accepting Hotline calls directly to our office number 443-984-3690. Please DO NOT call the standard Hotline numbers or email us, as we do not have access. We are grateful for your support and understanding. Have a great day! pic.twitter.com/Mrm7JTFuui
— Baltimore City OIG (@OIG_Baltimore) May 8, 2019
As for whether this could have been prevented by updating the city’s systems, Baltimore Chief Information Officer Frank Johnson was adamant during the briefing that the city had taken adequate measures.
“We have been assessed several times since I’ve been here,” Johnson said, “and have gotten multiple clean bills of health.”
