Baltimore City was hit by a ransomware attack last month that forced thousands of city employees out of their accounts. Many of these accounts are still offline at the time this article is being written and only one third of the employees managed to regain access.
The attack affected more than just the government systems: the real estate business had to figure out a pen-to-paper approach and some home buyers couldn’t even move into their new homes and their property settlement had been postponed indefinitely, according to The Baltimore Sun.
City employees now have to report in person to receive any network or email credentials and to present a city ID before they’re even allowed to get new passwords. It’s a time consuming process, especially if you consider that the city of Baltimore has over 10,000 employees at offices all around the city.
The hackers demanded $13 bitcoins (that means around $100,000) to return the network to its functional state, which the city refused to pay.
Since then, a Twitter account has been confirmed to belong to either the or one of the hackers that initiated the attack. The user posted documents that showed he had, indeed, managed to steal some data from a city server, in response to those who argued that the account was fake.
However, a spokesperson from the Mayor’s office stated that no personal data had been stolen and it’s worth noting that the images on the Twitter account were of low-resolution documents filed a while ago.
The account was eventually suspended by Twitter but not because of who the user allegedly claimed he was but because he posted a final warning to Baltimore City Mayor Bernard ‘Jack’ Young tinged with profanity and racist innuendos. The hacker stated that the Mayor had until June 7th to pay for the keys that can decrypt the files on the city computers.
The Mayor of Baltimore has not yet released an official statement concerning the hacker’s demand but the total bill for the city in the wake of the attack has already risen up to $18 million.
Baltimore City Council President Brandon Scott will chair a committee that will review the situation and he also released a statement last week where he asked the governor to declare a disaster and request funding.
“I’ve reached out to governor [Larry] Hogan’s office today to urge his leadership and cooperation in seeking Federal Emergency & Disaster Declaration for this incident,” Scott said “Given the new information and circumstances, it’s even more clear that the federal government needs to have a larger role in supporting the city’s recovery, including federal reimbursement for damages.”
The New York times reported that the Baltimore attack is the result of a National Security Agency-developed cyber weapon dubbed EternalBlue that had been stolen during a security breach, something that the National Security Agency and the alleged hacker himself have denied.