• Follow us

Technology

Baltimore Held Hostage in 2nd Ransomware Attack | Malware

Baltimore officials have admitted that the city government once again has been victimized by ransomware -- the second such attack that Baltimore has faced in just over a year.

City computers were infected with the RobinHood ransomware virus, The Baltimore Sun reported. Hackers told city officials that they would unlock the computers in return for payment of three bitcoins per system, or 13 bitcoins for the entire system. Based on the current exchange rate the ransom added up to about US$17,600 per computer or $76,280 for the system.

The hackers gave officials four days to pay or the ransom price would increase. They threatened to render the systems' data irretrievable after 10 days. In addition, the hackers warned the city not to contact the FBI.

Bernard Young, Baltimore's new mayor, said on social media that the city's essential services were still running, and that there was no evidence that any personal information had been compromised, as of Tuesday afternoon.

"Baltimore City core essential services (police, fire, EMS and 311) are still operational, but it has been determined that the city's network has been infected with a ransomware virus," Mayor Young tweeted on Tuesday afternoon. "City employees are working diligently to determine the source and extent of the infection."

As a precaution, the city did shut down the majority of its servers, the mayor added.

Quick Response

City officials were directed to disconnect their computers from the Internet completely, as the virus was spreading from computer to computer. Employees reportedly were directed to unplug the Ethernet cable from computers and to turn off any connected divisions.

The essential services remained operational, but other services have been disrupted, including the ability to discuss billing issues or make online payments, notably for water bills. As a result, the Baltimore Department of Public Works (DPW) announced via social media that it would suspend late water bill fees for both city and countycustomers.

The Baltimore City Department of Transportation announced that two impound lots and its Right of Way Services Division also were affected by the computer network outage.

The problem largely was contained by Tuesday afternoon, and city teams were able to quarantine the ransomware, but it by Wednesday it was still unclear when affected systems could be back online. The FBI's cybersquad has been assisting Baltimore with its recovery efforts.

Deja Vu All Over Again

What makes Tuesday's attack unique is that Baltimore faced a similar attack last year. That one was more damaging, resulting in the temporary shutdown of automated dispatches for 911 and 311 calls.

"This event tells us that such attacks are on the rise, so much as it tells us that sensible practices are in decline -- at least in Baltimore," warned Jim Purtilo, associate professor in the computer science department at University of Maryland.

"There is no good way to say this: Two crippling attacks in a year is just pathetic," he told TechNewsWorld.

Baltimore isn't the only target of such attacks, of course. Atlanta last year fell victim to the SamSam ransomware, which disrupted city government operations and functions for a considerable period of time.

The Department of Justice last fall indicted two Iranian men last November for deploying that virus, whose victims included the city of Newark, New Jersey, as well as the Port of San Diego and the Colorado Department of Transportation.

"Bad actors have no doubt put the 89,000 local governments across the country in their cross-hairs," said Mike Bittner, digital security and operations manager at The Media Trust.

"These local governments make ideal targets, because they collect and process a lot of citizen and business information, and their tight budgets prevent them from making much-needed IT security updates," he told TechNewsWorld. "For these city governments, getting hacked is not a matter of if but when."

Soft Targets

Government offices -- from the federal to the local level -- typically don't replace computer systems as frequently as corporations or individuals. Many of them rely on outdated systems, which makes them a soft target for hackers, who typically use a well-read playbook in these attacks.

"As long as individuals can be manipulated -- via social engineering or phishing -- and older, unpatched software and weak perimeter security exists, these attacks will continue with 100 percent certainty," said David P. Vergara, director of product marketing at Chicago-based cybersecurity firm OneSpan.

"It's not reasonable that these attacks will be eliminated; however, for businesses and organizations to reduce their threat exposure they should take [appropriate] actions," he told TechNewsWorld.

It's important that they full understand that these attacks can happen, and that they are costly and complex to resolve.

To address the issue effectively, there needs to be proper investment in preventive security measures, added Vergara.

"Initiate mandatory and ongoing employee training on phishing, vishing (voicemail phishing scams) and related social engineering designed to obtain personal or business information to refine attacks or trick them into installing malware," he recommended.

In addition, companies and government agencies at all levels should maintain perimeter security software and infrastructure, and regularly test it. They also should leverage content filtering on mail servers to block suspicious or malicious attachments.

"Make sure that all systems and software are up-to-date," said Vergara. "This is an easy one -- yet still overlooked by many businesses and organizations."

Bad Practices Are Good News for Hackers

Of all the types of cyberattacks in circulation, ransomware presents the most challenges, but it should be easy to recover from with due diligence applied beforehand.

"If you back up your files, you won't need to negotiate or make payments to cyberthugs," said The Media Trust's Bittner.

Local governments, just like corporations and individuals, need to do a better job of backing up data, so that paying a ransom is never considered.

"All organizations should assume they are in the crosshairs of cybercriminals," said Bittner.

In addition, "all organizations should assume they are under some form of attack and strengthen their cyberdefenses," he added.

"Any one system could be vulnerable to a momentary lapse in our practices. After all, the attack vectors are there, and sometimes others will find the vulnerability before we do,"said University of Maryland's Purtilo.

"Having experienced this once in the last year, it is difficult to imagine why a competent administrator would allow the city to continue operating a system that allowed an enterprise-wide loss due to a single point of failure," he added.

To Pay the Ransom

Ransomware today isn't really that much different from the way barbarian tribes in the ancient era would threaten to raid the frontier and pillage a city unless they were paid off. The difference is that instead of a physical attack, ransomware is a digital one, and some cities have given in.

However, the consensus among security pros is that when under such an attack, paying the ransom should never be considered -- not even as the last course of action.

"Even if you do pay the ransom, there's always the chance [the hackers] won't release your files," Bittner pointed out.

More worrisome is that if the ransom is paid, that could entice hackers to try again.

"If the business paid before and has not addressed security vulnerabilities -- yes, they will be targeted again. This is low-hanging fruit for hackers," said Vergara.

Still, it might be the only option in some cases.

"There are some cases where payment is not only the fastest path to recovery, but the far more cost-effective choice," admitted Adam Laub, senior vice president of product management at Stealthbits Technologies.

"It totally depends on the situation; if your data is really valuable and there are no other copies to fall back on, then you might have no other choice than to pay up," he told TechNewsWorld.

This is why ransomware has continued to be an effective weapon for cybercriminals looking to make a quick buck and wreak havoc while doing so.

"Conversely, if you've done a good job of backing up at least your most meaningful data, then it might be perfectly acceptable to lose whatever's been compromised," suggested Laub. "It's so effective because it elicits desperation from its victims, and desperate people do desperate things."

Given that this is the second attack on one target, it could be that lightning is unlikely to strike a third time -- or hackers, as the case may be.

"There's too much attention on the city of Baltimore at this point for there to be a continued barrage of attacks," Laub explained. "It'd likely be too risky for the attackers."

Future Attacks Likely

The sad truth is that ransomware attacks are likely to continue. It's not just that many cities still rely on older hardware and software. Even when systems are replaced, legacy devices leave vast holes for hackers to exploit.

Corporations and large government agencies will be able to plug the holes, but many large U.S. municipalities will be unable to address potential exploits.

Whether a successful defense can be mounted may depend on the type of organization targeted, said OneSpan CMO John Gunn.

"A business can respond immediately and invest in additional IT security tools to prevent the type of attack they just experienced, whereas a government agency may take months or even years to get approvals and budget to buy new security tools, all the while being exposed to similar attacks," he told TechNewsWorld.

Even new systems and a complete network upgrade might not be enough to keep the digital barbarians away.

"There are so many complexities and moving pieces. It's hard to imagine a public institution that's likely to be poorly funded being able to make many meaningful strides towards a solid security posture in a short period of time," warned StealthbitsTechnologies' Laub.

Still, the fact the Baltimore has been targeted twice suggests the city didn't learn its lesson.

"Said simply, fool me once, shame on you; fool me twice shame on me," said Purtilo. "Taxpayers in Baltimore should ask a lot of hard questions."

Peter Suciu has been an ECT News Network reporter since 2012. His areas of focus include cybersecurity, mobile phones, displays, streaming media, pay TV and autonomous vehicles. He has written and edited for numerous publications and websites, including Newsweek, Wired and FoxNews.com. Email Peter.

Read More



Leave A Comment

More News

TechNewsWorld

Elive Elevates Linux With Enlightenment 2019-05-10 12:41:37The Elive distro's integration of the Debian Linux base and the Enlightenment desktop is a powerful combination. Together, they offer a unique comput

Baltimore Held Hostage in 2nd Ransomware Attack 2019-05-10 08:00:00Baltimore officials have admitted that the city government once again has been victimized by ransomware -- the second such attack in just over a year.

Microsoft Becomes Master of Its Own Linux Kernel 2019-05-09 11:56:13Microsoft has announced that its own full Linux kernel will power WSL2, the newest version of the Windows Subsystem for Linux. This marks the first ti

Review Roundup: Pixel 3a Wins Kudos for Cameras, 2019-05-09 08:00:00Google's Pixel 3a smartphone, launched at Google's 2019 I/O developer conference, has wowed reviewers with the quality of its photos and other featu

Google Showcases AI, Preaches Privacy at I/O Keynote 2019-05-08 08:00:00Google showed off its chops in AI and ML, renewed its commitment to giving users greater control over their data, and introduced a new economically pr

Get Ready for Feature Deluge at Apple's WWDC 2019-05-07 08:00:00Apple plans to introduce a boatload of new apps, features and development tools at WWDC next month, according to a report. As it does every year, Appl

Facial Recognition and the Fight for Diversity 2019-05-06 13:22:06I spent a good deal of my educational and early career as an analyst doing research at scale. In fact, the way I got into the executive resources pro

POP!_OS Makes Classic GNOME Simpler to Use 2019-05-03 12:29:55Are you Looking for a hassle-free Linux OS that is very user-friendly and extremely stable? Pop!_OS from System76 is a prime candidate to fit that ord

No Easy Decision: Choosing Between Pay-TV Services 2019-05-03 08:00:00Many consumers in recent years have opted to cut the cord -- that is, to ditch cable or satellite TV and instead rely on OTT streaming services for th

Cybersecurity Pros Join 'Right to Repair' Battle 2019-05-02 08:00:00An advocacy organization formed by cybersecurity professionals has joined the fight for "right to repair" legislation, which would allow consumers a

Red Flag Flying Over Flagship Phones 2019-05-01 08:00:00These could be the worst of times for high-end flagship smartphones. Google CEO Sundar Pichai told Alphabet shareholders that his company's flagship

Mobile Chrome Hoax Could Target Android Users 2019-04-30 08:00:00A new method for hiding the true location of a website from users of the mobile Chrome Web browser has come to light. Phishers can trick users into re

PCWorld

Best power banks of 2019: The top USB 2019-05-10 19:11:00Anyone who uses a smartphone knows the importance of carrying a backup power bank. But given the large number of options on Amazon, you might feel ove

PCWorld's April Digital Magazine: Meet ConceptD, Acer's new 2019-05-10 18:45:00Stay on top of the latest tech with PCWorld’s Digital Magazine. Available as single copies or as a monthly subscription, it highlights the best

Thermaltake reveals a monstrous, RGB-laden $1,200 motorized desk 2019-05-10 16:32:00Thermaltake’s escalating the war to RGB all the things. We’ve already got graphics cards, motherboards, cases, and heck, even SSDs loaded

How Windows and Chrome quietly made 2019 the 2019-05-10 15:12:00After years of endless jokes, 2019 is truly, finally shaping up to be the year of Linux on the desktop. Laptops, too! But most people won’t know

This week in games: John Wick tactics, a 2019-05-10 15:00:00Can you feel that? It’s E3, right around the corner—meaning the slow parade of game announcements starts now of course, about a month befo

Windows 10 May 2019 Update: The best hidden 2019-05-10 12:22:00The Windows 10 May 2019 Update offers many small improvements and subtle changes that may fly under the radar of our full review. But you never know&m

RCA's 100th anniversary Android phone is the Victrola 2019-05-10 11:46:00If you though RCA and its red-and-white cables died in the 90s, you’d be mistaken. In fact, the company is celebrating its 100th anniversary wit

Supercharge your PC or Mac's storage with WD's 2019-05-10 11:11:00Running out of storage space sucks, yet modern PCs often come equipped with itty-bitty SSDs that cry “Uncle!” after installing a few games

Learn how to get certified in Microsoft Azure 2019-05-10 10:05:00You may be surprised to learn that AWS isn’t the only cloud solution out there. In fact, Microsoft has their own cloud platform that’s sur

AMD's powerful Ryzen processors are on sale for 2019-05-10 09:44:00Now’s a great time to pick-up an AMD processor as the basis for a sweet (and affordable) PC build. Amazon and Walmart just dropped the prices on

The best free PC games 2019-05-10 08:52:00Worth the price of admissionImage by RespawnThere was a time when “free-to-play” was a dirty term in the games industry. There are st

Anker PowerCore+ 19000 PD review: Fresh design and 2019-05-10 06:30:00Battery packs have become commonplace. These small power banks are easy to carry and make it possible to top off a phone or tablet—and more rece

FOX News

10 mistakes people make online 2019-05-11 06:00:18Ever click something in an email or on the web and right afterward thought, “Boy, that was dumb.” You’re not alone. Every week on my

Rare, original iPod on sale for $20G 2019-05-10 11:22:06A rare, unopened first-edition of an Apple iPod is listed for sale on eBay for a whopping $20,000.

What it's like to fire the 30mm cannon 2019-05-10 09:51:26It looked like streaming balls of fire lighting up the air, accompanied by a very loud noise, smoke and the sight of a large fiery explosion on the ot

US Senators call for FTC probe of Amazon's 2019-05-10 09:35:00Several US senators are asking Amazon for more information about its Echo Dot Kids Edition, which advocacy groups claim violates kids' digital privac

Farrakhan rails against ‘Satanic Jews’ in wake of 2019-05-10 09:31:50Louis Farrakhan spoke at a Catholic church Thursday night in the wake of his Facebook ban and denied that he hates Jewish people while ranti

Google launches tools to help military spouses find 2019-05-10 05:00:51Google has launched a new set of tools designed to help military spouses find opportunities for remote working.

Steve Jobs' legacy lives on: Rare Apple-1 computer 2019-05-09 15:16:08A rare working Apple 1, the computer that began the legacy of Steve Jobs and Apple, is set to go up for auction later this month and experts believe i

Facebook co-founder Chris Hughes says company should be 2019-05-09 13:15:32Chris Hughes, who helped Mark Zuckerberg create the company that eventually becameFacebook Inc., is calling for the social-media giant to be

Microsoft harnesses AI to make Word politically correct 2019-05-09 11:54:06Microsoft is harnessing the power of artificial intelligence to boost the use of “inclusive language” in Word.

Humanoid robot crosses balance beam with ease in 2019-05-09 11:11:43How did the robot cross over the creek?

TechCrunch

From crypto winter to crypto weirder 2019-05-12 19:00:57Captain Kirk and neo-Dadaists. Repugnant markets and legendary cryptographers. “Digital couture” auctioned by CryptoKitties developers. Di

CO2 in the atmosphere just exceeded 415 parts 2019-05-12 18:43:14The human race has broken another record on its race to ecological collapse. Congratulations humanity! For the first time in human history — not

Two years after WannaCry, a million computers remain 2019-05-12 17:37:43Two years ago today, a powerful ransomware began spreading across the world. WannaCry spread like wildfire, encrypting hundreds of thousands of comput

Hotstar, Disney’s Indian streaming service, sets new global 2019-05-12 16:47:19Indian video streaming giant Hotstar, owned by Disney, today set a new global benchmark for the number of people an OTT service can draw to a live eve

Where cannabis investors see the next big wave? 2019-05-12 16:46:44Women and seniors are joining the cannabis movement, and that’s presenting new investing opportunities, according to a panel of cannabis investo

Friend portability is the must-have Facebook regulation 2019-05-12 13:35:08Choice for consumers compels fair treatment by corporations. When people can easily move to a competitor, it creates a natural market dynamic coercing

Week-in-Review: Google impersonates Apple and Bezos eyes the 2019-05-12 08:00:19After Mark Zuckerberg’s privacy mea culpa at F8 last week, Google got its turn at I/O to promise consumers that their data wasn’t going an

After burning through $1 billion, Jawbone’s Hosain Rahman 2019-05-11 18:22:49Not everyone gets a second chance in Silicon Valley. Entrepreneur Hosain Rahman has been given many more than that. Though his last company, Jawbone,

As a founder, I mistook my work for 2019-05-11 16:03:48These days, most days are good days. My clients are founder and executives, I set my own schedule, and I live in a city I love. As an executive coach

HTC introduces a cheaper blockchain phone, opens Zion 2019-05-11 15:00:32Happy Blockchain Week to you and yours. HTC helped kick off this important national holiday by announcing the upcoming release of the HTC Exodus 1s. T

EC-exclusive interview with Tim Cook, Slacklash, and tech 2019-05-11 14:00:31An EC-exclusive interview with Apple CEO Tim Cook TechCrunch editor-in-chief Matthew Panzarino traveled to Florida this week to talk with Tim Cook abo

Cat vs best and worst robot vacuum cleaners  2019-05-11 14:00:08If you’ve flirted with the idea of buying a robot vacuum you may also have stepped back from the brink in unfolding horror at the alphabetic sou

Thetechhacker

Analytics firm Ranwave sued by Facebook for misuse 2019-05-11 07:41:03Last year, Facebook revealed that its data was misused by an analytics firm named Cambridge Analytica. This data was then used to target audience for

Motorola One Vision to come with 21:9 aspect 2019-05-11 07:07:17Motorola has not had the best of times in the smartphone industry recently. Ever since Lenovo acquired Motorola, we have not seen the best of smartpho

Everything you need to know about Android Q 2019-05-10 06:40:23Google’s I/O 2019 wrapped up last night at the Shoreline Amphitheatre after running for 3 days. However, Google already announced all the import

Samsung Galaxy Fold’s release date will be announced 2019-05-10 05:56:55Samsung has finally fixed the problems that it has with the Galaxy Fold. In an official interview given by Samsung CEO DJ Koh, he says that the Galaxy

Best Airtable alternatives with powerful features 2019-05-10 02:23:57When it comes to project management there are several tools available online with a nice set of organizational features. One of the finest product is

Android Q Beta 3 now available with Dark 2019-05-09 07:31:28Google I/O 2019 is officially underway and we have already found out what’s to come from Google this year thanks to the keynote. At the keynote,

Here are the top important announcements at Google 2019-05-09 06:49:46Google I/O 2019 is the 11th annual developer conference from Google. At this event, Google announces all the new things and developments taking place

Google announces Pixel 3a series starting at just 2019-05-09 06:16:25Currently, Google I/O 2019 is taking place in the US. This is the event or developer conference where Google announces what it will release this year.

KISSIN Portable Silicon Brush Paw Cleaner for Dogs 2019-05-09 03:47:43We know that hygiene is very important for everyone. In our everyday life, we wash our hands as well as brush teeth and do other things for tidying yo

Looking Photoshop for Android? Here are the best 2019-05-08 05:51:01Nowadays, with the improvements in smartphone cameras, a lot of people tend to use their smartphones for photography. Of course, it may not match the

Best Digital Storytelling Tools 2019-05-07 12:44:24By definition, a digital story is a series of images accompanied by text or a soundtrack that tells a story. The genre varies and can range anywhere f

UK Researcher Which? claims Apple is overstating its 2019-05-07 07:38:51Apple is known for its production quality as well as design and performance in all of their products. However, Apple’s iPhones are claimed as th

SlashGear

Google Pixel 3a shows us high-end phones are 2019-05-11 05:58:40Humanity’s obsession over edge-to-edge bezels, triple cameras and future-proofed specs has brought about the inevitable, to quote Thanos. But in

Fortnite Summer Block Party will happen in Los 2019-05-10 19:52:03Epic Games will host its first ever Fortnite Summer Block Party this June, giving players the chance to gather together, meet their favorite streamers

Boeing shares Starliner parachute test video ahead of 2019-05-10 18:58:08Boeing has shared new video clips of parachute tests related to its Starliner spacecraft, providing the public with a behind-the-scenes look at these

Amazon targets toxic school supplies following Washington AG 2019-05-10 18:07:13Washington Attorney General Bob Ferguson has announced that Amazon will target toxic school supplies after many were allegedly found for sale on its p

Lyft tests long-term car rentals as new transportation 2019-05-10 16:49:25Ridesharing services like Lyft reduce the need to own a vehicle for customers located in big cities, but there are occasions when ordering a car is le

WWDC 2019 might be a sad show for 2019-05-10 16:08:49WWDC 2019 is right around the corner, and though the show will likely hold some surprises, one topic that’s sure to come up is iOS 13. It’

How many daily cups of coffee are safe? 2019-05-10 15:55:08Coffee is often touted for its energizing effects, and it is widely consumed in some countries starting at relatively young ages. The array of polyphe

Black Shark 2 Review: The new mid-tier ‘gaming 2019-05-10 15:52:15The Black Shark 2 is a gaming phone made by a Xiaomi associated brand. This device is marketed as a ‘gaming phone’ which means, here, that

There’s bad 2020 Kia Soul EV news 2019-05-10 15:50:43Patience is a virtue would-be 2020 Kia Soul EV drivers in the US will have to learn, with the news that the hotly-anticipated all-electric car won&rsq

Demand for the VW ID.3 electric car was 2019-05-10 15:02:24Volkswagen’s ID.3 may not be expected to arrive until mid-2020, but that didn’t stop a flood of reservations and would-be owners overwhelm

Highly effective blood pressure diet may also cut 2019-05-10 14:58:31The National Heart, Lung, and Blood Institute (NHLBI) funded a number of studies that ultimately resulted in the formation of a heart-healthy diet cal

This God of War documentary surprised me 2019-05-10 14:24:03God of War was unquestionably one of the best games released in 2018, if not the best. When fans heard that Sony was rebooting the God of War franchis

Electrek

Electrek Podcast: Tesla Autopilot restructuring, CCS adapter+tow hitch, 2019-05-10 15:41:13 This week on the Electrek Podcast, we discuss the most popular news in the world of sustainable transport and energy, including Tesla launching

Philips LED traditional and smart light bulbs are 2019-05-10 13:28:00 Today only, as part of its Deals of the Day, Best Buy offers the Philips Hue White and Color BR30 Smart LED Light Bulb for $24.99. It will ship

New York state on track to be coal-free 2019-05-10 13:01:58 New York state is on track to close its last remaining coal-fired power plants by the end of 2020 after adopting final regulations that require state

Proposed Illinois bill would force EV owners to 2019-05-10 11:32:56 A proposed bill in the Illinois legislature would raise the state’s annual registration fee for all-electric vehicles from $17.50 to a whopping

EGEB: US solar installations hit 2 million, Québec 2019-05-10 09:03:13 In today’s EGEB: The US reaches 2 million total solar installations, three years after hitting 1 million. A Québec utility looks to beco

Xtracycle’s new electric bicycle morphs between regular city 2019-05-10 08:43:59 Xtracycle is no stranger to morphing cargo bikes. One of their most famous products is an add-on for regular bikes that stretches the frame into a lo

Tesla held a special Model 3 Performance track 2019-05-10 08:22:14 Tesla organized a special Model 3 Performance track day on a racetrack in Shanghai to let people experience the full performance on the electric vehi

Tesla restructures Autopilot software team, Elon takes the 2019-05-10 05:25:48 Tesla is again restructuring its Autopilot software team, according to sources talking to Electrek. CEO Elon Musk is taking the reins with now even m

Self-driving cross-country trip possible for everyone with a 2019-05-09 19:18:46 Tesla has been making bold claims about future autonomous driving plans lately, most recently holding an “autonomy investor event” where

Volkswagen receives 10,000+ pre-orders for ID.3 electric hatchback 2019-05-09 14:22:19 Volkswagen opened up pre-orders for its ID.3 electric hatchback on Wednesday, and the company reports the car has already received more than 10,000 p

‘Tesla saved my life’, says owner after walking 2019-05-09 14:13:12 A Tesla Model S owner says that Tesla’s safety level “saved his life” after he managed to walk away mostly uninjured after a horrif

ecobee4 smart thermostat w/ extra sensors for $250, 2019-05-09 13:22:44 Today only, Home Depot offers ecobee4 bundled with extra room sensors for $250. Given the nearly $80 typical going rate on the sensors, that brings t


Disclaimer and Notice:WorldProNews.com is not responsible of these news or any information published on this website.