Select Page

Ransomware Attack Targets City Departments of Baltimore

On May 7th, “Robbinhood” ransomware successfully attacked and disrupted city services of Baltimore. At this time, several reports indicate that no progress has been made and local government bodies are simply unable to offer city services due to compromised data and servers. Without effective data protection solutions in place, experts expect high volume of data loss and a prolonged outage of city services.

This just goes to show that ransomware attacks have a huge potential to compromise mission-critical organizational data and lead to disruption and outages. While ransomware attacks have become a common occurrence in the news, organizations, businesses and local governments aren’t as prepared as they should be for such cyber-threats.

This inability to prepare beforehand leads to events such as the one in Baltimore.

Baltimore’s Second Ransomware Attack in 2 Years

This isn’t Baltimore’s first encounter with a ransomware attack. On March 2018, the city’s 911 and 311 automated dispatch was hacked and dispatchers had to switch to manual mode until the problem was taken care of.

A year later, Baltimore’s city services ended up being the victims while the city’s automated dispatch systems remain unaffected.

As a result, the city has to figure out how much data they will be losing whereas people have to endure the delayed response in the provision of services. Basically, the everyday processes of the city have come to a grinding halt.

A report by Baltimore Sun states that hackers are demanding payment of 3 bitcoins per system, or 13 bitcoins in exchange for freeing all the city’s systems. The Mayor however, has clearly said that he has no intention of paying the ransom and that people are working diligently to locate the source and extent of the infection. 

 What’s Really Alarming About Baltimore’s Ransomware Attack?

The local government body released a statement saying that the ransomware attack was quarantined; they still couldn’t say when the systems would be back online. In other words, the disruption would only continue for an unspecified period of time.

Another alarming thing about this situation was that there had been previous a case of ransomware attack on the city a year ago. Don Norris, a professor emeritus at the University of Maryland who also surveyed local government leaders about computer security in 2016, said,

“I’m not surprised that it happened, and I won’t be surprised when it happens again.”

This only shows that despite their recent experience of dealing with a ransomware, the city of Baltimore was not prepared for yet another ransomware attack.

The question here is, if the city of Baltimore had prepared beforehand could this situation have been avoided? The answer to question is a resounding “Yes”. 

How Baltimore Could Have Fend-off this Ransomware Attack?

Evidently, ransomware attacks are getting complex by the day. Hackers and ransomware creators are constantly working to find loopholes and disrupt the system. The rapid evolution of ransomware is making it very difficult for anti-malware and anti-virus programs to keep up with them. It is good practice to setup programs that detect ransomware attacks and protect mission-critical data but what’s better is to have backup and disaster recovery solutions set in place.

 In the case of Baltimore, if they had setup on-premises or hybrid backup and disaster recovery solutions, they could’ve easily recovered and the ransomware attack would have been for nothing.

City departments usually have a mix of frequently access, infrequently accessed, and a great volume of archiving data. That’s why the best approach to it is to setup hybrid backup and disaster recovery solutions. With hybrid backup and DR solutions, the government bodies can keep frequently accessed or hot data copies on their on-premises infrastructure while keeping the less accessed or older copies in the cloud for long term data retention.

The local government body of Baltimore maintains that they’ve had several audits and have gotten clean “bill of health” every time. The fact that they can’t recover, and that a ransomware attack has led to such disruption, suggests otherwise.

So What Are The Takeaways From This “Robbinhood” Ransomware Attack?

Cyber-attacks are a real threat and without preparation organizations, businesses and local governments are leaving themselves vulnerable to disruption, data corruption and data loss. These are the realities that modern organizations have to face today. Fortunately, there are backup and disaster recovery solutions..

By configuring data protection plans, such as the 3-2-1 data protection strategy, organizations can make sure that mission-critical data is always recoverable and protected from ransomware attacks. With reliable ransomware protection solutions configured beforehand, organizations and local governments can continue operating and brush-off ransomware attacks as if they were nothing.

StoneFly offers a wide range of enterprise grade data protection solutions that can facilitate organizations, local governments and federal governments to protect mission-critical data from cyber-attacks and cyber-threats like ransomware. Our products are trusted by nuclear-class submarines to protect their confidential and important data.

Learn more about StoneFly Backup and disaster recovery solutions: DR365V™ – Veeam-ready Backup & Disaster Recovery Appliance

Interested about Ransomware Protection? Talk to our experts today. Send us an email at [email protected] or give us a call at (510) 265 1616.

Conti Ransomware: In-Depth Technical Breakdown

Conti Ransomware: In-Depth Technical Breakdown

Conti ransomware has earned notoriety, notably for its involvement in the Costa Rican government hack. Operating as a ransomware-as-a-service (RaaS) group, Conti specializes in infiltrating networks, encrypting crucial data, and extorting exorbitant sums of money. In...

Supply Chain Attack: The Achilles’ Heel of Enterprise Security

Supply Chain Attack: The Achilles’ Heel of Enterprise Security

Supply chain attacks have emerged as a formidable threat vector in the landscape of cybercrime, posing significant risks to enterprises of all sizes and industries. Among the various tactics employed by threat actors, ransomware attacks leveraging supply chain...

How to Set Up S3 Object Storage for Veeam Data Platform

How to Set Up S3 Object Storage for Veeam Data Platform

Veeam v12 introduced Direct-to-Object storage, enabling S3 object storage as the primary backup repository. Prior to this, S3 object storage integration relied on Veeam's Scale-Out Backup Repository (SOBR), using a performance tier and a capacity tier, which extended...

Watering Hole Attacks Unveiled: A Comprehensive Cyberthreat Overview

Watering Hole Attacks Unveiled: A Comprehensive Cyberthreat Overview

Watering hole attacks, akin to their namesake in the natural world where predators strategically position themselves near watering holes to intercept prey, have become a significant peril in the digital realm. In the vast landscape of cybersecurity, understanding the...

Man-in-the-Middle Attack: Cyberthreat Amidst Data Streams

Man-in-the-Middle Attack: Cyberthreat Amidst Data Streams

In the fast-paced arena of enterprise-level digital operations, the looming threat of cyber vulnerabilities demands our undivided attention. Among these threats, the Man-in-the-Middle (MitM) attack emerges as a silent, yet formidable, adversary capable of infiltrating...

You May Also Like

Subscribe To Our Newsletter

Join our mailing list to receive the latest news, updates, and promotions from StoneFly.

Please Confirm your subscription from the email