2019 Baltimore ransomware attack
 | This article or section is in a state of significant expansion or restructuring. You are welcome to assist in its construction by editing it as well. If this article or section has not been edited in several days, please remove this template. If you are the editor who added this template and you are actively editing, please be sure to replace this template with {{in use}} during the active editing session. Click on the link for template parameters to use.
This article was last edited by WuTang94 (talk | contribs) 5 years ago. (Update timer) |
The Baltimore ransomware attack occured in May 2019, in which the American city of Baltimore, Maryland had its servers largely compromised by a new strain of ransomware called RobbinHood. Baltimore became the second U.S. city to fall victim to this new strain of ransomware after Greenville, North Carolina and was the second major city in the country with a population of over 500,000 people to be hacked by ransomware in two years, after Atlanta was attacked the previous year.
Attack
On May 7th 2019, most of Baltimore's government computer systems were infected with a new and aggressive ransomware variant named RobbinHood. All servers, with the exception essential services, were taken offline. In a ransom note, hackers demanded 13 bitcoin (roughly $76,280) in exchange for keys to restore access. The note also stated that if the demands were not met within 4 days, the price would increase and within 10 the city would permanently lose all of the data. [1][2][3][4][5][6][7]
As of May 13, 2019[update] all systems remained down for city employees. It is estimated that it will take weeks to recover. According to Mayor Jack Young US Federal Law enforcement continue to investigate the attack.[8]
The attack had a negative impact on the real estate market as transfers could not be completed until the system was restored on May 20th.[9] However, the restoration of all systems was, as of May 20, 2019[update], estimated to take weeks more.[10]
Baltimore was susceptible to such an attack due to its IT practices, which included decentralized control of its technology budget and a failure to allocate money its information security manager wanted to fund cyberattack insurance.[10] The attack has been compared to a previous ransomware attack on Atlanta the previous year, and was the second major use of the RobbinHood ransomware on an American city in 2019, as Greenville, North Carolina was also impacted in April.[11]
References
- ^ "A ransomware attack is holding Baltimore's networks hostage". Engadget.
- ^ Song, Victoria. "Baltimore's Government Held Hostage by Ransomware Attack". Gizmodo.
- ^ Gallagher, Sean (May 8, 2019). ""RobbinHood" ransomware takes down Baltimore City government networks". Ars Technica.
- ^ https://www.nytimes.com/2019/05/22/us/baltimore-ransomware.html
- ^ https://www.theverge.com/2019/5/25/18639859/baltimore-city-computer-systems-cyberattack-nsa-eternalblue-wannacry-notpetya-cybersecurity
- ^ https://www.bbc.com/news/technology-48423954
- ^ https://baltimorebrew.com/2019/05/26/microsoft-sounded-alarm-two-years-ago-about-nsa-hacking-tool-that-reportedly-hit-baltimore/
- ^ Melser, Lowell (May 13, 2019). "Six days later, Baltimore government is still recovering from ransomware attack". WBAL.
- ^ Stewart, Emily (May 21, 2019). "Hackers have been holding the city of Baltimore's computers hostage for 2 weeks". Vox. Retrieved May 21, 2019.
- ^ a b Gallagher, Sean (May 20, 2019). "Baltimore ransomware nightmare could last weeks more, with big consequences". Ars Technica. Retrieved May 21, 2019.
- ^ Duncan, Ian; Zhang, Christine (May 17, 2019). "Analysis of ransomware used in Baltimore attack indicates hackers needed 'unfettered access' to city computers". The Baltimore Sun. Retrieved May 28, 2019.