Baltimore, a city on the East Coast of the US, has been under a ransomware attack since 7th May. It is a major metropolitan city and is the capital city of Maryland. It has over 600,000 residents, and daily life has become difficult because of this attack.
Origins of the Attack
The hackers behind this attack remain anonymous, but several leads have emerged since it began. The hackers took to Twitter, where they sent a ransom letter to the general public. Eric Sifford, a security researcher, uncovered usernames and passwords from Twitter that could potentially lead to the identification of the attackers. It was also found through Twitter that ransomware called “Robbinhood” was used to carry out the attack. Through further investigation by the FBI, it was identified that a new variant of “Robbinhood”, which had appeared last month, could have been used.
The “Robbinhood” software requires an RSA key to be present on the targeted computer, which implies that the attack must have been carried out in multiple steps involving accessing files and gaining administrative authority. The “Robbinhood” virus, or software, basically renames and encrypts any given file. The hackers attacked Baltimore's online public services and demanded a ransom of roughly 13 bitcoins from the state government.
Negotiation Refusal Declared by Baltimore
The upcoming mayor, Bernard “Jack” Young, has refused to pay the ransom amount to the hackers. Young stated that it was unclear how long the city’s systems would be offline. “There is a backup system with the IT department,” he said, “but we can’t just go and restore because we don’t know how far back the virus goes. So I don’t want people to think that Baltimore doesn’t have a backup.”
The State of Baltimore Due to the Attack
Since the attack, Baltimore has had to go “manual” in its operations. As most public data could not be accessed, physical records were kept of transactions and contracts. Real estate transactions, however, had to be halted completely, as physical records would not be sufficient for transactions at such a scale. Most public services, like the police system and the online tax portals, were down. But, unlike the attack that happened last year, emergency dispatching systems like 911 were still functional.
This has to be one of the most extensive ransomware attacks ever carried out. Its scale is enough to raise concerns over cybersecurity.