The City of Baltimore Suffers Second Ransomware Attack

Baltimore City Computers Hacked — Again

Baltimore city government computers suffered outages on Tuesday after the city fell victim to a cyber attack. Early Tuesday morning, city computers were found riddled with RobbinHood, the same ransomware variant that took down the City of Greenville last month.

The exact intrusion method is unclear, however IT staff is working to identify how the cyber attack was able to bypass its security solution.

City officials have confirmed, emergency services were not impacted; although, a majority of city servers were shut down. This resulted in various departments being unable to access their files, including the city’s water department.

After RobbinHood infected the city’s servers, a ransom note populated on impacted devices. The note stated the current demands were 3 Bitcoins (approximately $17,600 USD) per system. Or, if the city wanted a discounted price, hackers would restore all of the city’s systems for 13 Bitcoins ($76,280 USD). The ransom note claimed demands would increase if the city didn’t pay within the first four days. Then, if the city failed to pay by the tenth day, the data would be permanently corrupted. According to the Baltimore Sun, city officials do not plan to pay the ransom demands.

This isn’t the first time ransomware corrupted Baltimore city’s networks. In March 2018 Baltimore’s emergency services were infected with ransomware. PC Matic has filed a public record request with the city to determine which security solution was being used at the time of infection and if they switched solutions since. However, these requests have yet to be responded to.

Other Attacks

For a list of ransomware attacks that have already taken place in 2019, you may click here. We have also created a map, see below, of the ransomware attacks that have taken place in the U.S.

1,474 total views, 1 views today

(Visited 1 times, 1 visits today)

One thought on “The City of Baltimore Suffers Second Ransomware Attack

  1. It would be interesting to know whether Boston City paid the first ransom last March. If they did, then they will know why the hackers returned, if they didn’t, then they should start looking at their choice of security suites.

    It would also be interesting to see a law requiring all such victims to publish their security arrangements. Let us all see which security solutions fail.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.