Baltimore Severs Down After Ransomware Attack
Another city has become the victim of a ransomware attack, as government officials in Baltimore have revealed that the city hall computer networks have been infected, according to CBS Baltimore.
Experts have identified the ransomware used in this case as the RobbinHood variant, about which there is little information given that it is relatively new. RobbinHood was also identified as the ransomware used last month in an attack on Greenville, North Carolina.
Though it has been reported that no personal data has been compromised at this time, Mayor Jack Young reportedly released a statement confirming the attack.
“Baltimore City core essential services (police, fire, EMS and 311) are still operational but it has been determined that the city’s network has been infected with a ransomware virus. City employees are working diligently to determine the source and extent of the infection. At this time, we have seen no evidence that any personal data has left the system. Out of an abundance of precaution, the city has shut down the majority of its servers. We will provide updates as information becomes available.”
A series of tweets put out by the Baltimore Department of Public Works began by assuring citizens, “We are not ignoring you. Email service is down. Techs are working on the problem now.
“The email outage has also taken down phone lines to Customer Support and Services, so for now we're unable to take calls to discuss water billing issues. Sorry for the inconvenience.”
Baltimore's city council president, Brandon M. Scott, tweeted that the majority of the city’s servers have been shut down as a precaution.
This attack is the second one Baltimore has suffered in the past year, according to the Baltimore Sun, which reported that last year’s attack shut down automated dispatches for both 911 and 311 calls.
“Local governmental organizations are not known for their speed or for having large IT security budgets. If you’re a hacker who's had a successful attack in the past, why not attack the same target? The defenses will likely have not changed,” said John Gunn, CMO, OneSpan.
Source: Information Security Magazine