You have commented 280 times on Rantburg.

Your Name
Your e-mail (optional)
Website (optional)
My Original Nic        Pic-a-Nic        Sorry. Comments have been closed on this article.
Bold Italic Underline Strike Bullet Blockquote Small Big Link Squish Foto Photo
-Lurid Crime Tales-
Hackers have been holding the city of Baltimore’s computers hostage for 2 weeks
[VOX] Hackers targeted the city of Baltimore on May 7 using a ransomware called RobbinHood, which, as NPR explains, makes it impossible to access a server without a digital key that only the hackers have.

The Baltimore hackers’ ransom note, obtained by the Baltimore Sun, demanded payment of three bitcoins per system to be unlocked, which amounts to 13 bitcoins to unlock all the seized systems. The note threatened to increase the ransom if it wasn’t paid in four days, and said the information would be lost forever if it wasn’t paid in 10 days. Both deadlines have now passed.

"We won’t talk more, all we know is MONEY! Hurry up! Tik Tak, Tik Tak, Tik Tak!" the note said.

The city government is refusing to pay, meaning that the government email systems and payment platforms the attack took down remain offline. The attack has also harmed Baltimore’s property market, because officials weren’t able to access systems needed to complete real estate sales. (The city said transactions resumed on Monday.)

Baltimore Mayor Jack Young, who’s officially been in his office less than a month, said in a statement on Friday that city officials are "well into the restorative process" and have "engaged leading industry cybersecurity experts who are on-site 24-7 working with us." The FBI is also involved in the investigation.

"Some of the restoration efforts also require that we rebuild certain systems to make sure that when we restore business functions, we are doing so in a secure manner," Young said. He did not offer a timeline for when all systems will come back online.

The Baltimore City Council president also plans to form a special committee to investigate this latest attack and try to ensure it doesn’t happen again.

A similar attack using RobbinHood hit government computers in Greenville, North Carolina, in April. A spokesperson for Greenville told the Wall Street Journal that the city never wound up paying, and that while its systems aren’t entirely restored, "all of our major technology needs are now being met."

More than 20 municipalities in the US have been hit by cyberattacks this year alone. And such attacks can be expensive, perhaps especially if targets say they won’t pay. In 2018, hackers demanded that Atlanta pay about $50,000 in bitcoins as part of a ransomware attack. The city refused, and according to a report obtained by the Atlanta Journal-Constitution and Channel 2 Action News, the attack wound up costing the city $17 million to fix.
Posted by:Fred

#13  Well, bike paths often have a higher budgetary priority than pumps, levees, or computer security---ya know.
Posted by: Alaska Paul   2019-05-23 17:17  

#12  When the Internet first got going everybody thought it was incredibly cool and everybody wanted to be on it. But the fact is, some sensitive databases have no business on the Internet. Further, if they must be online, they should be protected by multiple firewalls. If regular backups were not being done somebody needs to be fired. But regular backups are not enough. The backups should be tested by restoring them to a spare server and that spare server should be at a remote location and ready to switch over to production at a moment's notice. My experience is that, all too often, failure to implement these measures is a risk that senior management is willing to take for the sake of other, jazzier budget items. All too often, senior management don't know what they don't know and they won't listen to the peons who do know. In Baltimore they are now finding out. But then, it's Baltimore, a blue city.
Posted by: Abu Uluque   2019-05-23 13:57  

#11  Government IT? Either the lowest bidder or some politician's relative that knows how to turn on a computer.
Posted by: Bob Grorong1136   2019-05-23 11:49  

#10  Baltimore is just full of Bad Luck.
Posted by: swksvolFF   2019-05-23 11:35  

#9  Sometimes it is cheaper to pay. It may not be a spelling mistake Bobby, Tik Tak is Dutch.
Posted by: BernardZ   2019-05-23 09:12  

#8  #7 - Ballymore Public Skool grads?
Posted by: Frank G   2019-05-23 09:05  

#7  One clue is the hackers can't spell "tick tock".
Posted by: Bobby   2019-05-23 08:43  

#6  ^
Posted by: Procopius2k   2019-05-23 08:38  

#5  #4 These attacks are laughably easy to thwart. Automatic backups, separate databases, VMs that can be refreshed quickly, etc. The fact it has taken so long to recover should speak volumes on how competent the government IT section is.
Posted by: DarthVader 2019-05-23 05:35

Lord Vader,

The difficulty here is that useful, competent IT security was never the point, but getting money to connected political friends was more important.

Posted by: Mike Kozlowski   2019-05-23 06:08  

#4  These attacks are laughably easy to thwart. Automatic backups, separate databases, VMs that can be refreshed quickly, etc.

The fact it has taken so long to recover should speak volumes on how competent the government IT section is.
Posted by: DarthVader   2019-05-23 05:35  

#3  Some strategies perform one full, then a series of incremental backups over a span of time until the next full backup after which the prior incremental set is deleted.

Full recovery requires restoring one backup plus the incremental set. Much faster to create and restore than a full nightly.
Posted by: Skidmark   2019-05-23 02:29  

#2  No. It's Baltimore. I don't think the idea of nightly data backup has caught on yet.
Posted by: Fred   2019-05-23 01:48  

#1  If this was a professional setup the maximal possible damage should be the loss of data generated between regular backups, i.e. in an interval no larger than a workday.

Is this a more or less clever attempt to destroy records by claiming they were eaten by evil hackers see IRS ?
Posted by: Elmerert Hupens2660   2019-05-23 01:31