Daily Local News (West Chester, PA)
8 days after cyberattack, Baltimore’s network still hobbled
BALTIMORE >> More than a week after a cyberattack hobbled Baltimore’s computer network, city officials said Wednesday they can’t predict when its overall system will be up and running and continued to give only the broadest outlines of the problem.
Baltimore’s government rushed to take down most computer servers on May 7 after its network was hit by ransomware. Functions like 911 and EMS dispatch systems weren’t affected, officials say, but after eight days, online payments, billing systems and email are still down. Finance department employees can only accept checks or money orders.
No property transactions have been conducted since the attack, exasperating home sellers and real estate professionals in the city of over 600,000. Most major title insurance companies have even prohibited their agents from issuing policies for properties in Baltimore, according to the Greater Baltimore Board of Realtors.
Citing an ongoing criminal investigation, Baltimore’s information technology boss Frank Johnson and other city leaders said Wednesday they could provide no specifics about the attack from the ransomware variant RobbinHood or realistically forecast when the various hobbled layers of the city’s network would be back up.
“Anybody that’s in this business will tell you that as you learn more those plans change by the minute. They are incredibly fluid,” said Johnson, stressing that city employees, expert consultants and others were working “round the clock” to mend the breached network.
The FBI’s cyber squad agents have been helping employees in Maryland’s biggest city try to determine the source and extent of the latest attack.
Johnson’s tenure has now included two major breaches to the city’s computer systems. This month’s problems come just over a year since another ransomware attack slammed Baltimore’s 911 dispatch system, prompting a worrisome 17-hour shutdown of automated emergency dispatching. The March 2018 attack required operating the critical 911 service in manual mode.
Johnson is one of the city’s highest paid employees, earning $250,000 a year. That’s more than the mayor, the city’s top prosecutor and the health commissioner are paid. This latest attack came about a week after the firing of a city employee who, the inspector general said, had downloaded thousands of sexually explicit images onto his work computer during working hours.
While all municipalities are menaced by malware, cybersecurity experts say organizations that fall victim to such attacks often haven’t done a thorough job of patching systems regularly.
Asher DeMetz, lead security consultant for technology company Sungard Availability Services, suggested that eight days was a long time for a network to remain down.