On May 7th, “Robbinhood” ransomware successfully attacked and disrupted city services of Baltimore. At this time, several reports indicate that no progress has been made and local government bodies are simply unable to offer city services due to compromised data and servers. Without effective data protection solutions in place, experts expect high volume of data loss and a prolonged outage of city services.
This inability to prepare beforehand leads to events such as the one in Baltimore.
Baltimore’s Second Ransomware Attack in 2 Years
This isn’t Baltimore’s first encounter with a ransomware attack. On March 2018, the city’s 911 and 311 automated dispatch was hacked and dispatchers had to switch to manual mode until the problem was taken care of.
A year later, Baltimore’s city services ended up being the victims while the city’s automated dispatch systems remain unaffected.
As a result, the city has to figure out how much data they will be losing whereas people have to endure the delayed response in the provision of services. Basically, the everyday processes of the city have come to a grinding halt.
A report by Baltimore Sun states that hackers are demanding payment of 3 bitcoins per system, or 13 bitcoins in exchange for freeing all the city’s systems. The Mayor however, has clearly said that he has no intention of paying the ransom and that people are working diligently to locate the source and extent of the infection.
What’s Really Alarming About Baltimore’s Ransomware Attack?
The local government body released a statement saying that the ransomware attack was quarantined; they still couldn’t say when the systems would be back online. In other words, the disruption would only continue for an unspecified period of time.
Another alarming thing about this situation was that there had been previous a case of ransomware attack on the city a year ago. Don Norris, a professor emeritus at the University of Maryland who also surveyed local government leaders about computer security in 2016, said,
“I’m not surprised that it happened, and I won’t be surprised when it happens again.”
This only shows that despite their recent experience of dealing with a ransomware, the city of Baltimore was not prepared for yet another ransomware attack.
The question here is, if the city of Baltimore had prepared beforehand could this situation have been avoided? The answer to question is a resounding “Yes”.
How Baltimore Could Have Fend-off this Ransomware Attack?
Evidently, ransomware attacks are getting complex by the day. Hackers and ransomware creators are constantly working to find loopholes and disrupt the system. The rapid evolution of ransomware is making it very difficult for anti-malware and anti-virus programs to keep up with them. It is good practice to setup programs that detect ransomware attacks and protect mission-critical data but what’s better is to have backup and disaster recovery solutions set in place.
In the case of Baltimore, if they had setup on-premises or hybrid backup and disaster recovery solutions, they could’ve easily recovered and the ransomware attack would have been for nothing.
City departments usually have a mix of frequently access, infrequently accessed, and a great volume of archiving data. That’s why the best approach to it is to setup hybrid backup and disaster recovery solutions. With hybrid backup and DR solutions, the government bodies can keep frequently accessed or hot data copies on their on-premises infrastructure while keeping the less accessed or older copies in the cloud for long term data retention.
The local government body of Baltimore maintains that they’ve had several audits and have gotten clean “bill of health” every time. The fact that they can’t recover, and that a ransomware attack has led to such disruption, suggests otherwise.
So What Are The Takeaways From This “Robbinhood” Ransomware Attack?
Cyber-attacks are a real threat and without preparation organizations, businesses and local governments are leaving themselves vulnerable to disruption, data corruption and data loss. These are the realities that modern organizations have to face today. Fortunately, there are backup and disaster recovery solutions..
By configuring data protection plans, such as the 3-2-1 data protection strategy, organizations can make sure that mission-critical data is always recoverable and protected from ransomware attacks. With reliable ransomware protection solutions configured beforehand, organizations and local governments can continue operating and brush-off ransomware attacks as if they were nothing.
StoneFly offers a wide range of enterprise grade data protection solutions that can facilitate organizations, local governments and federal governments to protect mission-critical data from cyber-attacks and cyber-threats like ransomware. Our products are trusted by nuclear-class submarines to protect their confidential and important data.
Learn more about StoneFly Backup and disaster recovery solutions: DR365V™ – Veeam-ready Backup & Disaster Recovery Appliance
Interested about Ransomware Protection? Talk to our experts today. Send us an email at [email protected] or give us a call at (510) 265 1616.