Earlier this month, hackers infected around 10,000 municipal computers in the city of Baltimore. The malicious operators behind the attack demanded $100,000 in Bitcoin to give officials control of their data networks again.
The local government refused, and Charm City’s digital infrastructure has been at a standstill ever since. Though private cybersecurity experts and the Federal Bureau of Investigation (FBI) are now on the case, the city’s network is still partially offline.
Ransomware Attack Details
On May 7, cybercriminals launched a devastating ransomware attack on the City of Baltimore’s computers. Hackers inserted a program called RobinHood onto the municipal network that renders server data completely inaccessible. Consequently, city employees have been unable to send emails, process estate sales, or accept utility bill payments.
The rogue operators sent the city a ransom note demanding 13 Bitcoins ($101,279) for a decryption key. Cybersecurity expert Avi Rubin examined the malware and noted even the National Security Agency wouldn’t be able to crack it. Despite the seemingly intractable nature of the malware, Baltimore Mayor Jack Young refused to meet the hacker’s demands.
Because the attack is affecting government systems, both the FBI and Secret Service have joined the investigation. On May 17, Mayor Young made a statement indicating the city was employing elite data scientists to restore the compromised digital infrastructure.
Three days later, officials announced Baltimore was once again able to process real estate transactions. However, the local government has been unable to provide a timeline for a full restoration of services.
Notably, Baltimore has incurred two significant ransomware attacks within the last two years. Last March, hackers disabled the city’s 911 dispatch system temporarily. Cybercriminals accessed the local emergency system after a technician left a network port unprotected. In the 2018 attack, operators only demanded $51,000 in digital currency, and the intrusion was contained within 24 hours.
No System is Safe
The problem of municipal ransomware attacks is not limited to Maryland. Throughout 2019, 20 different municipalities across the United States have had their computer systems hacked.
In April, Cleveland Hopkins International Airport suffered a malware intrusion that affected its computer systems for more than a week. One month earlier, the city of Albany, New York lost access to its servers and terminals due to a ransomware attack that lasted two days.
Although regional government officials have consistently refused to comply with any ransom demands, hackers haven’t stopped targeting civic computer networks. Rubin told National Public Radio malicious operators keep shaking down cities because private companies often surrender to ransomware attacks. It’s also worth noting municipalities don’t always benefit from their zero-tolerance policies.
For instance, in early 2018, cybercriminals took control of a range of Atlanta’s government data networks. The attackers demanded $51,000 in Bitcoin to give back control of their computers. The city remained firm, and data security experts from the FBI, Secret Service, and the Department of Homeland Security worked to undo the hack.
Ultimately, government agencies were unsuccessful. So, the city had to pay $17 million to repair its digital infrastructure.
Overall, U.S. municipalities need to make their networks as watertight as possible as the Baltimore ransomware attacks suggest a pattern of escalation. Moreover, as hackers’ malware becomes increasingly sophisticated, mitigating the damage of a cyber-attack is becoming increasingly difficult.