About two weeks ago, anonymous cybercriminals used ransomware dubbed RobinHood to take control of around 10,000 computers belonging to the city of Baltimore, saying that they would not allow anyone to access them unless the city paid them 13 bitcoins, which translates into around $100,000.
Why is the attack difficult to push back, you ask?
Because RobinHood makes it impossible to access any server data unless you have a digital key and, according to Avi Rubin, computer science professor at Johns Hopkins University and cybersecurity expert, it’s impossible to replicate that key if you are not one of the hackers who created it.
“I don’t even think that the NSA would be able to break this algorithm,” Rubin said. “It’s believed by the cryptographic community, both the theoreticians as well as the practitioners, to be unbreakable by today’s technologies.”
As expected, Baltimore refused to hand over the sum, even though most of the city is now more or less crippled by the attack, with city employees unable to access the software they use for work or even their emails. This has forced all operations to be handled manually, where possible.
“Imagine if somebody would sneak into a government building at night, load up a bunch of boxes with all the paperwork for all the pending permits and all the pending house closings and all the pending business that the city was conducting, put it all in a truck and drive away — and demand some money in order to bring that truck back,” Avi Rubin said. “That’s a lot easier to do in cyberspace without getting caught. And that’s what’s happened here.”
The city’s website also features a red box with text that lets visitors know that the city cannot send or receive email and directs them to call whichever city department they need to contact instead.
“As I’ve mentioned previously, we engaged leading industry cybersecurity experts who are on-site 24-7 working with us,” Bernard C. Young, Mayor of Baltimore, said in a statement. “As part of our containment strategy, we deployed enhanced monitoring tools throughout our network to gain additional visibility. As you can imagine, with approximately 7,000 users, this takes time.”
Young was unable to say when the systems will be running again: “Our focus is getting critical services back online, and doing so in a manner that ensures we keep security as one of our top priorities throughout this process. You may see partial services beginning to restore within a matter of weeks, while some of our more intricate systems may take months in the recovery process.”
Atlanta suffered a similar attack in 2018, and the Atlanta Journal-Constitution stated that it cost the city $17 million to recover. Baltimore officials have reached out to Atlanta for advice.
At the time of writing, the city of Baltimore has not yet recovered. A series of experts have been called in to attempt to restore service, and the FBI and Secret Service are currently investigating the situation.