Select Page

Ransomware Attack Targets City Departments of Baltimore

On May 7th, “Robbinhood” ransomware successfully attacked and disrupted city services of Baltimore. At this time, several reports indicate that no progress has been made and local government bodies are simply unable to offer city services due to compromised data and servers. Without effective data protection solutions in place, experts expect high volume of data loss and a prolonged outage of city services.

This just goes to show that ransomware attacks have a huge potential to compromise mission-critical organizational data and lead to disruption and outages. While ransomware attacks have become a common occurrence in the news, organizations, businesses and local governments aren’t as prepared as they should be for such cyber-threats.

This inability to prepare beforehand leads to events such as the one in Baltimore.

Baltimore’s Second Ransomware Attack in 2 Years

This isn’t Baltimore’s first encounter with a ransomware attack. On March 2018, the city’s 911 and 311 automated dispatch was hacked and dispatchers had to switch to manual mode until the problem was taken care of.

A year later, Baltimore’s city services ended up being the victims while the city’s automated dispatch systems remain unaffected.

As a result, the city has to figure out how much data they will be losing whereas people have to endure the delayed response in the provision of services. Basically, the everyday processes of the city have come to a grinding halt.

A report by Baltimore Sun states that hackers are demanding payment of 3 bitcoins per system, or 13 bitcoins in exchange for freeing all the city’s systems. The Mayor however, has clearly said that he has no intention of paying the ransom and that people are working diligently to locate the source and extent of the infection.

 What’s Really Alarming About Baltimore’s Ransomware Attack?

The local government body released a statement saying that the ransomware attack was quarantined; they still couldn’t say when the systems would be back online. In other words, the disruption would only continue for an unspecified period of time.

Another alarming thing about this situation was that there had been previous a case of ransomware attack on the city a year ago. Don Norris, a professor emeritus at the University of Maryland who also surveyed local government leaders about computer security in 2016, said,

“I’m not surprised that it happened, and I won’t be surprised when it happens again.”

This only shows that despite their recent experience of dealing with a ransomware, the city of Baltimore was not prepared for yet another ransomware attack.

The question here is, if the city of Baltimore had prepared beforehand could this situation have been avoided? The answer to question is a resounding “Yes”.

How Baltimore Could Have Fend-off this Ransomware Attack?

Evidently, ransomware attacks are getting complex by the day. Hackers and ransomware creators are constantly working to find loopholes and disrupt the system. The rapid evolution of ransomware is making it very difficult for anti-malware and anti-virus programs to keep up with them. It is good practice to setup programs that detect ransomware attacks and protect mission-critical data but what’s better is to have backup and disaster recovery solutions set in place.

In the case of Baltimore, if they had setup on-premises or hybrid backup and disaster recovery solutions, they could’ve easily recovered and the ransomware attack would have been for nothing.

City departments usually have a mix of frequently access, infrequently accessed, and a great volume of archiving data. That’s why the best approach to it is to setup hybrid backup and disaster recovery solutions. With hybrid backup and DR solutions, the government bodies can keep frequently accessed or hot data copies on their on-premises infrastructure while keeping the less accessed or older copies in the cloud for long term data retention.

The local government body of Baltimore maintains that they’ve had several audits and have gotten clean “bill of health” every time. The fact that they can’t recover, and that a ransomware attack has led to such disruption, suggests otherwise.

So What Are The Takeaways From This “Robbinhood” Ransomware Attack?

Cyber-attacks are a real threat and without preparation organizations, businesses and local governments are leaving themselves vulnerable to disruption, data corruption and data loss. These are the realities that modern organizations have to face today. Fortunately, there are backup and disaster recovery solutions..

By configuring data protection plans, such as the 3-2-1 data protection strategy, organizations can make sure that mission-critical data is always recoverable and protected from ransomware attacks. With reliable ransomware protection solutions configured beforehand, organizations and local governments can continue operating and brush-off ransomware attacks as if they were nothing.

StoneFly offers a wide range of enterprise grade data protection solutions that can facilitate organizations, local governments and federal governments to protect mission-critical data from cyber-attacks and cyber-threats like ransomware. Our products are trusted by nuclear-class submarines to protect their confidential and important data.

Learn more about StoneFly Backup and disaster recovery solutions: DR365V™ – Veeam-ready Backup & Disaster Recovery Appliance

Interested about Ransomware Protection? Talk to our experts today. Send us an email at [email protected] or give us a call at (510) 265 1616.

Lynx Ransomware: Attack Vectors, Impact, and Mitigation Strategies

Lynx Ransomware: Attack Vectors, Impact, and Mitigation Strategies

Lynx ransomware is a fast-spreading and highly disruptive malware that encrypts critical business data and demands ransom payments for decryption. It can halt operations, compromise sensitive information, and cause significant financial damage. Recent reports indicate...

8Base Ransomware: Detection, Prevention, and Mitigation

8Base Ransomware: Detection, Prevention, and Mitigation

8Base ransomware is a rapidly growing cyber threat targeting businesses across various sectors. Known for its sophisticated tactics and double extortion model, it encrypts critical data and steals sensitive information, demanding ransom for both. As the risk of 8Base...

Inside Rhysida Ransomware: Infiltration, Impact, and Prevention

Inside Rhysida Ransomware: Infiltration, Impact, and Prevention

Rhysida ransomware is a dangerous cyber threat that has been disrupting organizations since May 2023. Known for its double extortion tactics, Rhysida encrypts files and exfiltrates sensitive data, pressuring victims to pay or face public exposure. It infiltrates...

Turla Ransomware: Comprehensive Analysis of the Russian APT

Turla Ransomware: Comprehensive Analysis of the Russian APT

Turla ransomware is a sophisticated cyber threat known for its stealthy operations and advanced infiltration techniques. Leveraging custom malware, zero-day vulnerabilities, and highly targeted attacks, Turla poses a significant risk to corporate networks across...

You May Also Like

Subscribe To Our Newsletter

Join our mailing list to receive the latest news, updates, and promotions from StoneFly.

Please Confirm your subscription from the email