Hackers Hold Baltimore City Services Hostage in Cyber Ransomware Attack

Canary. Photo by 4028mdk09.


In what is becoming all to prevalent, modern day robbers are using what is being called ransomware in cyber attacks to hack into services and holding them hostage until they pay their ransom demands to release their grip.

Hospitals have been a prime target, but have since beefed up their own security where possible, so our modern day robbers have been turning their sights on city’s services, and up until now, they’ve been getting paid.

“Anonymous hackers breached the city of Baltimore’s servers two weeks ago. Since then, those servers’ digital content has been locked away — and the online aspects of running the city are at an impasse,” NPR reported on Tuesday.

Baltimore is the latest city to fall victim to this scheme and this cyber attack, according to NPR, “is just one of more than 20 made on municipalities this year” that expects say, “will likely take months for the city to recover.”

“Government emails are down, payments to city departments can’t be made online and real estate transactions can’t be processed.”

Their demands are 13 bitcoins, which is equal to about $103,000.

Effectively, the entire online running aspects of the city are shut down, but Baltimore’s mayor Jack Young said the city will not pay.

The FBI and Secret Service are investigating, and the city has contracted with a series of experts to assist in restoring service.

The cyberattack is just one of more than 20 made on municipalities this year — and cybersecurity experts say it likely will take months for the city to recover.

“Imagine if somebody would sneak into a government building at night, load up a bunch of boxes with all the paperwork for all the pending permits and all the pending house closings and all the pending business that the city was conducting, put it all in a truck and drive away — and demand some money in order to bring that truck back,” said Avi Rubin, a Johns Hopkins computer science professor and cybersecurity expert.

“That’s a lot easier to do in cyberspace without getting caught,” he said. “And that’s what’s happened here.”

An unbreakable algorithm.

The hackers used a ransomware called RobinHood — an extremely powerful and malicious program that makes it impossible to access server data without a digital key. Replicating that key without the hackers is impossible, says Rubin, who has testified about his field before Congress.

“I don’t even think that the NSA would be able to break this algorithm,” he said. “It’s believed by the cryptographic community, both the theoreticians as well as the practitioners, to be unbreakable by today’s technologies.”

The city of Atlanta was attacked with ransomware in March 2018 — its digital civic services similarly ground to a halt. The Atlanta Journal-Constitution reported it cost the city $17 million to recover.

Rubin, who is the director of Health and Medical Security Lab at John Hopkins, said when hospitals were targets of malware attacks hospitals responded quickly with new hardware and software to boost their cybersecurity, says cities and local governments are not prepared for these attacks, and he agrees with the mayor’s decision not to pay, adding that “if no one attacked by malware paid the ransom, these attacks would just completely go away.”

Unfortunately, Rubin said, many private companies quietly pay, which has encouraged hackers to keep up ransomware attacks.

One analysis from CyberEdge found that 45% of organizations hit with ransomware end up paying a ransom. Another, from RecordedFuture, found that at least 17% of state and local government entities pay.

With no key, Rubin said the city will have to rebuild its servers from the ground up. That will likely take months, he said, and will involve implementing new hardware and software and restoring any data the city may have backed up.

In the meantime, “City officials announced the development of a multistep “manual workaround” plan on Monday, nearly two weeks after city servers were first breached.”

Frustrated home buyer.

Baltimore residents are frustrated that there wasn’t a plan for cyber catastrophes.

“The fact that you have a completely unsustainable computer system with no plan in place for when something like this happens after watching it happen to countless other cities — it’s frustrating and disappointing,” said Ashley Merson, a 31-year-old nanny.

Merson has been scrimping and saving for a house for four years. She paid off her debts, got her credit score up and finally was able to make an offer on a two-bedroom duplex house. She is more than ready to leave her low-income apartment complex, where she, her young son and disabled brother squeeze into a one-bedroom.

But just as she was about to settle on that house, the malware attacks struck.

“The process of buying a house is so long and tedious anyway,” Merson said. “Waiting is tough.”

Merson hopes she’s able to settle on her new house soon before her rent increases. “If that happens while her family is still in limbo, Merson said, “then it’s just going to be a pretty crappy situation.””

For further reading:

Lessons From Baltimore’s Crippling Ransomware Attack; Forbes.

Analysis of ransomware used in Baltimore attack indicates hackers needed ‘unfettered access’ to city computers; Baltimore Sun.

Pittsburgh has plan to prevent cyberattack that hobbled Baltimore; TRIBLive.

About the opinions in this article…

Any opinions expressed in this article are the opinions of the author and do not necessarily reflect the opinions of this website or of the other authors/contributors who write for it.