Approximately 10,000 Baltimore City government computers remain crippled after a cryptocurrency ransomware attack locked officials out of critical servers, basically paralyzing the city for 14 days and counting.
We were one of the first to report the May 7th attack that brought Baltimore’s entire communication network to a standstill. Hackers wanted 13 bitcoins (about $100,000) on day one of the attacks but have since demanded $10,000 per day since city officials refused to pay the ransom late last week.
Mayor Bernard C. “Jack” Young has warned the attack continues to devastate the city, could take months to recover some servers.
“It’s extremely alarming,” said City Council President Brandon Scott.
Avi Rubin, a Johns Hopkins computer science professor and cybersecurity expert, told NPR the ransomware used in the attack is “unbreakable,” and so powerful that even government specialists cannot crack the code to unlock the city’s computer network.
“I don’t even think that the NSA would be able to break this algorithm,” Rubin said.
“It’s believed by the cryptographic community, both the theoreticians as well as the practitioners, to be unbreakable by today’s technologies.”
This is Baltimore’s second cyber attack in a little more than a year. Last March, a ransomware attack on the city’s emergency communications network forced dispatchers to relay addresses and other critical information to first responders via phone or text.
As the city remains paralyzed on Wednesday, numerous services provided by the local government are either offline or workarounds have been developed.
On the eighth day of the attack (May 15th), we reported the essential systems required for transacting real estate deals went offline, throwing the entire housing industry into chaos, which meant no homes could be bought or sold in the area. But it was only until yesterday, where officials launched a manual workaround for property sales.
The City of Baltimore has developed a manual workaround that will allow real estate transactions to proceed during the City’s technology outage. Starting tomorrow, the Wolman Municipal Building will be open from 7am – 7pm, Monday – Friday. Instructions below – please share! pic.twitter.com/lvvoa7maTX
— Bill Henry (@BillforBmore) May 19, 2019
Daniel Tobok, CEO of Cytelligence, whose company has advised 500 cities hit by ransomware attacks, told Fox News “he doesn’t necessarily advocate paying off cyber crooks, he believes that in some instances “you don’t have a choice, you have to make a business decision.”
“What’s frustrating with Baltimore is that it’s been quite a long time since the infection,” Tobok said. “If they aren’t fully operational by now, why are they still playing with this?”
Tobok warned if city officials don’t resolve the hack attack immediately, the economic damage to the city could be devastating.
“Baltimore is playing with time,” he said. “They are going to come to a point where they have two choices – A. The (ransom demands) are going to skyrocket or B. The hackers will shut down the account they have been using and move out.”
The FBI’s cyber team has been working for 10-days straight to help Baltimore resolve their issues.
Baltimore City’s Inspector General said the attack came about one week after a city employee was fired for downloading thousands of pictures of porn onto his work computer.
In the last month, separate cyber attacks have also affected Stuart City, Florida; municipality of Greenville, North Carolina; New York state; Cleveland Airport; Genesee County, Michigan; and Fisher County in Texas.