Table of Contents
Hackers have recently taken over the computer systems for the City of Baltimore. Many of the City’s operations have been at a standstill for weeks as officials scramble to find a solution.
The hackers are demanding that the city pay a ransom in order to regain control of the network. The ransom started at 13 Bitcoin, which is roughly $100,000 at its current price. However, the hackers said that the city will owe an additional $10,000 for every day after the deadline.
The attack occurred at the beginning of this month, on May 7th. In a ransom note, the hackers gave a deadline of May 17th.
“We won’t talk more, all we know is MONEY! Hurry up! Tik Tak, Tik Tak, Tik Tak!” the ransom note read.
Basic Services Frozen
In the attack, the hackers managed to seize 10,000 of the city’s most vital systems. Once they had control of the network, the hackers were able to put a freeze on basic city services.
The hackers locked the city out of email and voicemail, so city employees set up Gmail accounts as an alternative. The employees were locked out of their Gmail accounts as well, since all of their addresses were marked as spam.
In a later statement, Google explained that this was a glitch in their automated systems.
“We have restored access to the Gmail accounts for the Baltimore city officials. Our automated security systems disabled the accounts due to the bulk creation of multiple consumer Gmail accounts from the same network,” the statement read.
For the past month, Baltimore residents couldn’t pay their bills, and city employees were unable to log into their accounts.
Will The City Pay The Ransom?
Baltimore Mayor Jack Young, initially said that the city is working to restore their networks. Young also said that the FBI is assisting the city in the investigation.
“The restoration efforts also require that we rebuild certain systems to make sure that when we restore business functions. We are doing so in a secure manner,” Young said.
Young initially said that the city would not consider paying the ransom under any circumstances. The mayor said that to pay the ransom would be like “rewarding bank robbers for robbing banks.”
However, it seems that now the city may be desperate and running out of options. In an interview this week, the mayor revealed that he is thinking about paying the ransom.
“To move the city forward, I might think about it,” Young said.
According to a report from the New York Times this week, the hackers carried out the attack using an NSA hacking tool. The tool is called EternalBlue and it was initially developed by the NSA before hackers leaked it to the public.
After hackers used the tools in various cyber attacks, Microsoft blamed the NSA for the crisis. Microsoft said that the agency had a practice of “stockpiling vulnerabilities,” which prevented companies from patching their software.
In a separate attack last year, Hackers shut down Baltimore’s 911 systems for an entire day. Hackers carried out a similar attack in Atlanta around the same time. In fact, this is a problem that cities all over the country are currently facing. Baltimore is just one of over 20 different cities that hackers have hit with cyber attacks in the past year.
Most of these exploits wouldn’t work on your personal computer because only older systems are vulnerable to them. The various cities that have been experiencing cyber attacks are obviously on very outdated systems.
The EternalBlue exploit targets a vulnerability in Microsoft’s Windows XP and Vista systems, which are generations behind most consumers.
According to a recent report from WeLiveSecurity, “there are currently almost a million machines in the wild using the obsolete SMB v1 protocol.”
“Poor security practices and lack of patching are likely reasons why malicious use of the EternalBlue exploit has been growing continuously since the beginning of 2017, when it was leaked online,” the report continued.
Since businesses and governments rarely update their systems, many high-profile targets are currently at risk.
Baltimore officials are currently using manual workarounds to complete real estate deals, but many of the city’s services are no longer functional.