Select Page

Ransomware Attack Targets City Departments of Baltimore

On May 7th, “Robbinhood” ransomware successfully attacked and disrupted city services of Baltimore. At this time, several reports indicate that no progress has been made and local government bodies are simply unable to offer city services due to compromised data and servers. Without effective data protection solutions in place, experts expect high volume of data loss and a prolonged outage of city services.

This just goes to show that ransomware attacks have a huge potential to compromise mission-critical organizational data and lead to disruption and outages. While ransomware attacks have become a common occurrence in the news, organizations, businesses and local governments aren’t as prepared as they should be for such cyber-threats.

This inability to prepare beforehand leads to events such as the one in Baltimore.

Baltimore’s Second Ransomware Attack in 2 Years

This isn’t Baltimore’s first encounter with a ransomware attack. On March 2018, the city’s 911 and 311 automated dispatch was hacked and dispatchers had to switch to manual mode until the problem was taken care of.

A year later, Baltimore’s city services ended up being the victims while the city’s automated dispatch systems remain unaffected.

As a result, the city has to figure out how much data they will be losing whereas people have to endure the delayed response in the provision of services. Basically, the everyday processes of the city have come to a grinding halt.

A report by Baltimore Sun states that hackers are demanding payment of 3 bitcoins per system, or 13 bitcoins in exchange for freeing all the city’s systems. The Mayor however, has clearly said that he has no intention of paying the ransom and that people are working diligently to locate the source and extent of the infection. 

 What’s Really Alarming About Baltimore’s Ransomware Attack?

The local government body released a statement saying that the ransomware attack was quarantined; they still couldn’t say when the systems would be back online. In other words, the disruption would only continue for an unspecified period of time.

Another alarming thing about this situation was that there had been previous a case of ransomware attack on the city a year ago. Don Norris, a professor emeritus at the University of Maryland who also surveyed local government leaders about computer security in 2016, said,

“I’m not surprised that it happened, and I won’t be surprised when it happens again.”

This only shows that despite their recent experience of dealing with a ransomware, the city of Baltimore was not prepared for yet another ransomware attack.

The question here is, if the city of Baltimore had prepared beforehand could this situation have been avoided? The answer to question is a resounding “Yes”. 

How Baltimore Could Have Fend-off this Ransomware Attack?

Evidently, ransomware attacks are getting complex by the day. Hackers and ransomware creators are constantly working to find loopholes and disrupt the system. The rapid evolution of ransomware is making it very difficult for anti-malware and anti-virus programs to keep up with them. It is good practice to setup programs that detect ransomware attacks and protect mission-critical data but what’s better is to have backup and disaster recovery solutions set in place.

 In the case of Baltimore, if they had setup on-premises or hybrid backup and disaster recovery solutions, they could’ve easily recovered and the ransomware attack would have been for nothing.

City departments usually have a mix of frequently access, infrequently accessed, and a great volume of archiving data. That’s why the best approach to it is to setup hybrid backup and disaster recovery solutions. With hybrid backup and DR solutions, the government bodies can keep frequently accessed or hot data copies on their on-premises infrastructure while keeping the less accessed or older copies in the cloud for long term data retention.

The local government body of Baltimore maintains that they’ve had several audits and have gotten clean “bill of health” every time. The fact that they can’t recover, and that a ransomware attack has led to such disruption, suggests otherwise.

So What Are The Takeaways From This “Robbinhood” Ransomware Attack?

Cyber-attacks are a real threat and without preparation organizations, businesses and local governments are leaving themselves vulnerable to disruption, data corruption and data loss. These are the realities that modern organizations have to face today. Fortunately, there are backup and disaster recovery solutions..

By configuring data protection plans, such as the 3-2-1 data protection strategy, organizations can make sure that mission-critical data is always recoverable and protected from ransomware attacks. With reliable ransomware protection solutions configured beforehand, organizations and local governments can continue operating and brush-off ransomware attacks as if they were nothing.

StoneFly offers a wide range of enterprise grade data protection solutions that can facilitate organizations, local governments and federal governments to protect mission-critical data from cyber-attacks and cyber-threats like ransomware. Our products are trusted by nuclear-class submarines to protect their confidential and important data.

Learn more about StoneFly Backup and disaster recovery solutions: DR365V™ – Veeam-ready Backup & Disaster Recovery Appliance

Interested about Ransomware Protection? Talk to our experts today. Send us an email at or give us a call at (510) 265 1616.

Recent Posts

What to Consider when Implementing DRaaS for ransomware protection

What to Consider when Implementing DRaaS for ransomware protection

According to Gartner, downtime costs more than $5,600 a minute; therefore, every business needs a reliable means of backup and disaster recovery. Disaster Recovery as a service (DRaaS) provides recovery in the cloud and is a cost-effective and highly efficient...

Downtime Cost: How to Calculate and Minimize it

Downtime Cost: How to Calculate and Minimize it

Downtime is bad for business. When applications, data and services are unavailable, business is disrupted, customers and stakeholders are unhappy, and regulatory authorities fine you. The true cost of unplanned downtime goes beyond lost revenue. How does one calculate...

Disaster Recovery as a Service (DRaaS) or On-Site DR Appliance?

Disaster Recovery as a Service (DRaaS) or On-Site DR Appliance?

Disaster Recovery-as-a-Service (DRaaS) delivers serverless recovery capabilities while disaster recovery (DR) appliances provide the on-prem secondary site that facilitates quick recovery. Which of the two is the best fit for you? Both deployment options have their...

FC SAN vs iSCSI SAN: What’s the Difference?

FC SAN vs iSCSI SAN: What’s the Difference?

Storage area networks (SANs) are a permanent fixture in corporate data centers used to host high-performance block-level structured workloads such as databases, applications, etc. If you’re familiar with SAN systems, then you’ve heard of Fibre Channel (FC) and iSCSI...

You May Also Like

Subscribe To Our Newsletter

Join our mailing list to receive the latest news, updates, and promotions from StoneFly.

Please Confirm your subscription from the email