Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Cyberattack Cripples Baltimore’s Government Computer Servers

Baltimore’s government on Tuesday rushed to shut down most of its computer servers after its network was hit by a ransomware virus. Officials believe it has not touched critical public safety systems.

Baltimore’s government on Tuesday rushed to shut down most of its computer servers after its network was hit by a ransomware virus. Officials believe it has not touched critical public safety systems.

Agents with the FBI’s cyber squad were helping city technology employees try to determine the source and extent of the cyberattack. Baltimore Mayor Bernard “Jack” Young said police, fire and EMS dispatch systems have not been affected, but other layers of the mid-Atlantic city’s network have been “infected with a ransomware virus.”

“At this time, we have seen no evidence that any personal data has left the system,” Young tweeted Tuesday afternoon.

While the scope of the problem wasn’t immediately clear, email and phone outages hobbled parts of the city’s network. Public works officials told customers that “for now we’re unable to take calls to discuss water billing issues.” Finance department employees said they could only accept checks or money orders.

The Tuesday problems come just over a year since another ransomware attack hit Baltimore’s 911 dispatch system, prompting a worrisome 17-hour shutdown of automated emergency dispatching. The March 2018 attack required the transition of the critical 911 service to manual mode.

Following last year’s attack, which came days after ransomware staggered the city of Atlanta’s computer network, officials in Baltimore disclosed that its systems were made vulnerable by an “internal change to the firewall” by a technician who was troubleshooting within the automated dispatch system.

Ransomware typically exploits known software vulnerabilities. Cybersecurity experts say organizations that fall victim to such attacks often haven’t done a thorough job of patching systems regularly.

A 2016 survey by the International City/County Management Association and the University of Maryland, Baltimore County, found that ransom demands accounted for roughly one third of attacks on city and county administrations.

Advertisement. Scroll to continue reading.

Cory Fleming, program director of the association, said it was difficult to say what this second recent attack on Baltimore means but she stressed that the security of a city’s digital infrastructure is no longer just a reflection of its IT department. She said it raises leadership questions.

“Every staff member needs to understand best practices and see themselves as stakeholders in security. When that doesn’t happen, usually a city needs leadership not new tech,” Fleming said in an email.

Last week, former Mayor Catherine Pugh resigned in the middle of her first term. She’s mired in a scandal that’s put her in the crosshairs of federal, state and city investigators trying to unravel the murky financial arrangements of her self-published children’s books. Young, a fellow Democrat, officially took over as Baltimore’s mayor last week.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...