The Baltimore Ransomware Attack Is Every City’s Nightmare

The Baltimore Ransomware Attack Is Every City’s Nightmare
By Jon Bilous/Shutterstock

The Baltimore Ransomware Attack Is Every City’s Nightmare

Nicole Fallon
May 22, 2019

Known for its Old Bay-spiced crab cakes, Natty Boh beer and scenic Inner Harbor, Baltimore also has the distinction of being the latest U.S. city to be hit by a ransomware attack that has ground the city of more than 600,000 to a halt.

On May 7, nearly 10,000 Baltimore government computers were remotely seized by hackers. The hackers demanded 13 bitcoins (worth approximately $101,145 USD as of May 22) for the city’s systems to be released. So far, Baltimore officials refuse to pay the ransom, meaning the ordeal could carry on for weeks to come.

What does the Baltimore ransomware attack mean for residents?

For two weeks, no one in Baltimore has been able to pay their water bills, property taxes or parking tickets online. City employees can’t access their email accounts and essential web-based government services are shut down.

While not paying municipal bills has a nice ring to it, residents are still expected to pay their bills by mail or in-person, despite the continued shutdown. What’s worse: Because water meter data is currently inaccessible, Baltimore’s Department of Public Works has warned residents that their next water bill may be higher to account for the gap in meter reading periods.

In the meantime, prospective Baltimore homebuyers and sellers haven’t been able to close any real estate deals during the ransomware attack. With city government computer systems on lockdown, pending property transactions haven’t been able to be completed, leaving many buyers and sellers in limbo until a manual workaround was put in place on May 20.

Baltimore Mayor Jack Young assured residents that city officials are working around the clock with cybersecurity experts and the FBI to investigate the attack and securely rebuild and reinstate government systems. But there is currently no timeline for when city government systems will be fully restored.

Search a full background report on a person

Why is ransomware so dangerous?

Ransomware is exactly what it sounds like: a digital ransom in which hackers take over a computer system and block access to important files and programs until their target pays up, usually in cryptocurrency. Infected websites, spam emails and third-party download sites can all inject a malicious malware program onto your device, giving hackers the access they need to hold your data hostage.

One of the most troubling aspects of ransomware is that there’s rarely a simple (or inexpensive) way to recover from it. If the target pays the ransom, they’re out a lot of money and may not actually regain access to their data. Even if they can get control of their system back, the hacker may have left themselves a way to get back in and take over again in the future.

If they don’t pay, they risk having their access permanently blocked and their data destroyed. While tech experts can often restore access and recover files, it may take many months and millions of dollars to fully return to a state of normalcy. For example, the city of Atlanta reportedly sunk $17 million into recovering from a similar ransomware attack in 2018.

Has my information been exposed in a cyber attack?

Ransomware isn’t a new threat, but it has become more prevalent in recent years. According to a report by Malwarebytes Labs, ransomware detection among businesses has increased 195% from Q4 2018 to Q1 2019. More than 20 U.S. municipalities have been hit with cyber attacks in 2019 alone, with the recent Baltimore attack being the latest – though likely not the last for the year.

As with any other type of cyber attack, any data seized by a ransomware hacker has the potential to be exposed, sold on the dark web or used for other criminal purposes. If you’re concerned that your data might have been exposed during a recent breach, you can search here.

In the meantime, there are actions you can take to reduce your risk of a cyber attack, such as updating your antivirus software and encrypting your data whenever possible.

Disclaimer: The above is solely intended for informational purposes and in no way constitutes legal advice or specific recommendations.