Security Experts:

Connect with us

Hi, what are you looking for?



Cyberattack Cripples Baltimore’s Government Computer Servers

Baltimore’s government on Tuesday rushed to shut down most of its computer servers after its network was hit by a ransomware virus. Officials believe it has not touched critical public safety systems.

Baltimore’s government on Tuesday rushed to shut down most of its computer servers after its network was hit by a ransomware virus. Officials believe it has not touched critical public safety systems.

Agents with the FBI’s cyber squad were helping city technology employees try to determine the source and extent of the cyberattack. Baltimore Mayor Bernard “Jack” Young said police, fire and EMS dispatch systems have not been affected, but other layers of the mid-Atlantic city’s network have been “infected with a ransomware virus.”

“At this time, we have seen no evidence that any personal data has left the system,” Young tweeted Tuesday afternoon.

While the scope of the problem wasn’t immediately clear, email and phone outages hobbled parts of the city’s network. Public works officials told customers that “for now we’re unable to take calls to discuss water billing issues.” Finance department employees said they could only accept checks or money orders.

The Tuesday problems come just over a year since another ransomware attack hit Baltimore’s 911 dispatch system, prompting a worrisome 17-hour shutdown of automated emergency dispatching. The March 2018 attack required the transition of the critical 911 service to manual mode.

Following last year’s attack, which came days after ransomware staggered the city of Atlanta’s computer network, officials in Baltimore disclosed that its systems were made vulnerable by an “internal change to the firewall” by a technician who was troubleshooting within the automated dispatch system.

Ransomware typically exploits known software vulnerabilities. Cybersecurity experts say organizations that fall victim to such attacks often haven’t done a thorough job of patching systems regularly.

A 2016 survey by the International City/County Management Association and the University of Maryland, Baltimore County, found that ransom demands accounted for roughly one third of attacks on city and county administrations.

Cory Fleming, program director of the association, said it was difficult to say what this second recent attack on Baltimore means but she stressed that the security of a city’s digital infrastructure is no longer just a reflection of its IT department. She said it raises leadership questions.

“Every staff member needs to understand best practices and see themselves as stakeholders in security. When that doesn’t happen, usually a city needs leadership not new tech,” Fleming said in an email.

Last week, former Mayor Catherine Pugh resigned in the middle of her first term. She’s mired in a scandal that’s put her in the crosshairs of federal, state and city investigators trying to unravel the murky financial arrangements of her self-published children’s books. Young, a fellow Democrat, officially took over as Baltimore’s mayor last week.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.