Cybersecurity experts warn Baltimore to stop ‘playing’ with ransomware attacks


Cybersecurity experts say Baltimore is playing with fire as the deadline to pay thousands of dollars in ransom to hackers who detain several of the city's servers as hostages.

Two weeks have pbaded since a cyber attack paralyzed Baltimore's computer network. Internet thieves wanted 13 bitcoins, approximately $ 100,000, at first, but the sum has increased $ 10,000 per day since then. The deadline for payment – Friday – has arrived and is gone. The city is not saying if it paid, but several servers still did not work on Monday.

"What's frustrating for Baltimore is that it's been a long time since the infection," said Daniel Tobok, CEO of Cytelligence, to Fox News. "If they are not fully operational at this point, why are they still playing with this?"


Tobok, whose company has helped 500 municipalities affected by ransomware attacks, says that although it does not necessarily defend the payment of cyber criminals, it believes that in some cases "it does not have an option, it has to make a commercial decision".

He also warns that if Baltimore continues to stagnate, the result could be devastating.

"Baltimore is playing with time," he said. "They're going to get to a point where they have two options: A. The (rescue demands) will go off or B. The hackers will close the account they have been using and they will be removed."

If that happens, any communication or hope of restoring data could be outside the window, Tobok said.

Baltimore resident Rupert Choudhry says he is "holding his breath" and worries that this may be the calm before an even bigger cyber storm.

"We are all in a way of waiting and seeing," Choudhry told Fox News.

The FBI cyber team and Microsoft experts have been working all day to help the largest city in Maryland. The mayor's office told Fox News on Monday that there has been no increase in the severity of the attack, but did not elaborate beyond that.

On Friday, Mayor Jack Young said he could not provide "an exact timetable on when all systems will be restored."


"Like any large company, we have thousands of systems and applications," he said in a statement sent to Fox. "Our goal is to get critical services back online and do it in a way that ensures that we will maintain security as one of our main priorities throughout this process. "

He added that the city could see "partial services starting to re-establish in a matter of weeks," while some of the more complex systems could take months to recover. "

The attack itself has already had a devastating ripple effect in Charm City. Residents have not been able to pay their bills online, employees of the finance department can only accept checks or money orders and no property transactions have been made since the attack. Most title insurance companies have even barred their agents from issuing policies for properties in Baltimore, according to the Board of Realtors of Greater Baltimore.

In citing the ongoing criminal investigation, the city's information technology chief, Frank Johnson, and other city leaders said his hands were tied and could not provide details about the attack or realistically predict when the city it would be in operation.

They have several "work arrangements" in place that allow some departments to return to work slowly. Johnson described the situation as "incredibly fluid".

"Anyone in this business will tell you that as you learn more, those plans change by the minute," he said.

Unfortunately, this is not Baltimore's first encounter with cyber attacks.

There have been two major gaps in the city's computer systems under Johnson's supervision.

The last batch of problems came just over a year after another ransomware attack hit Baltimore's 911 dispatch system, causing a 17-hour shutdown of the emergency dispatch. The March 2018 attack required operating the critical 911 service in manual mode.

Johnson is one of the highest paid employees in the city, earning $ 250,000 a year. That's more than the mayor, the city's chief prosecutor and the health commissioner are paid.

The latest attack occurred a week after the dismissal of a city employee who, according to the inspector general, had downloaded thousands of badually explicit images on his work computer.

While all municipalities are threatened by malware, cybersecurity experts say organizations that are victims of such attacks often have not done extensive patch work on systems regularly.

Asher DeMetz, lead security consultant for technology company Sungard Availability Services, told The Associated Press that the number of days that Baltimore servers have fallen is unusually long.


"The city of Baltimore should have been prepared with a recovery strategy and been able to recover in much less time, that time would be dictated by a risk badessment that will indicate how much time they can afford to get off," said DeMetz. "They should have been ready, especially after the previous attack, to recover from the ransomware."

In the last month alone, a list of known cyber attacks includes Stuart City, Florida, the City of Greenville, the State of New York, Imperial County, Cleveland Airport, Genesee County, Fisher County in Texas and the Sugar City School District.

Source link

Check Also

Forget catwalks — locked fashion models to try homemade photo sessions with mom and dad behind the camera

Some of the world’s largest fashion brands are asking for locked models to shoot their …