Maryland Public Television’s Charles Robinson reports on how Baltimore continues to recover after city computers were infected with ransomware in the May 2019 Baltimore ransomware attack and interviews Dr. Rick Forno, associate director of the UMBC Center for Cybersecurity and graduate director of UMBC’s Cybersecurity MPS degree program.
From Wikipedia: On May 7th 2019, most of Baltimore’s government computer systems were infected with a new and aggressive ransomware variant named RobbinHood. All servers, with the exception of essential services, were taken offline. In a ransom note, hackers demanded 13 bitcoin (roughly $76,280) in exchange for keys to restore access. The note also stated that if the demands were not met within four days, the price would increase and within ten days the city would permanently lose all of the data.
As of May 13, 2019 all systems remained down for city employees. It is estimated that it will take weeks to recover. According to Mayor Jack Young, US Federal Law enforcement continue to investigate the attack. The attack had a negative impact on the real estate market as property transfers could not be completed until the system was restored on May 20th. However, the restoration of all systems was, as of May 20, 2019, estimated to take weeks more.
Baltimore was susceptible to such an attack due to its IT practices, which included decentralized control of its technology budget and a failure to allocate money its information security manager wanted to fund cyberattack insurance. The attack has been compared to a previous ransomware attack on Atlanta the previous year, and was the second major use of the RobbinHood ransomware on an American city in 2019, as Greenville, North Carolina was also impacted in April.