Around 10,000 computers belonging to the city of Baltimore have been taken over and made useless by a group demanding money in exchange for fixing the computers.
This kind of computer attack is called “ransomware”. The criminals, often called “hackers”, lock the files on the computer so that they can’t be used. But the hackers say they will unlock the files if they are paid money – a “ransom”. In this case, the ransom was about $100,000.
The ransomware, called RobbinHood, began to attack on May 7. City computers stopped working and began to show ransom messages.
City workers have been without email since the attack started. Many of the city’s normal tasks have been affected, too. Important services, such as websites where people can pay their bills, taxes, and parking tickets aren’t working. Until Monday, the city was unable to complete the sales of houses.
These are difficult times for Baltimore. Jack Young, the current mayor, just took over on May 2, five days before the attack. The last mayor left after she was caught raising money in a way that was against the law. And this is not Baltimore’s first ransomware attack. Last year the city’s 911 emergency service was shut down by ransomware.
Ransomware is becoming more and more common. Last year, the city of Atlanta, struggled for months to recover after a ransomware attack left its computers locked up. So far this year, over 20 cities in the US have been hit by ransomware.
One reason attacks like these are becoming more common is that many cities use older computer systems. They don’t always have the money or the people needed to update their systems to make them safer.
Another reason is Bitcoin – a special kind of digital money that only exists on computer systems. Older ways of paying ransom money could often be tracked. Bitcoin makes it nearly impossible to use the payment to find the criminals.
Ransomware criminals have also gotten more advanced. Some even offer “customer service” to help their victims learn how to pay with Bitcoin.
Many ransomware victims choose not to pay. Sadly, this can cost much more than paying the ransom. Atlanta didn’t pay the $51,000 the hackers demanded last year. But the city spent more than $17 million to deal with the attack.
Baltimore hasn’t paid the ransom, even though the hackers said the information would be gone forever if the city didn’t pay in 10 days. The city hasn’t given any idea of when the problem might be solved. If Baltimore’s problems are anything like Atlanta’s, it could take months.
Baltimore City core essential services (police, fire, EMS and 311) are still operational but it has been determined that the city’s network has been infected with a ransomware virus. City employees are working diligently to determine the source and extent of the infection.
— Mayor Bernard C. Jack Young (@mayorbcyoung) May 7, 2019
The FBI is looking into the attack and the city has experts working to solve the problems. It’s not clear if Baltimore has much information backed up. Backups could help the city recover if it can’t beat the ransomware.
The city plans to create a special group to study the attack and learn how to avoid similar attacks in the future. Many other cities, hospitals, and schools are looking at what’s happening in Baltimore, and hoping that their turn isn’t next.
View Larger Map