The City Of Baltimore Has Been Held Hostage By Cybercriminals For Two Weeks


Dr. Alfredo Carpineti

Senior Staff Writer & Space Correspondent

clockMay 23 2019, 18:45 UTC

The City Hall of Baltimore. f11photo/shutterstock

Over two weeks ago, cybercriminals breached the servers of Baltimore, Maryland, leading to various systems being taken offline and several municipal functions grinding to a halt. The attackers used ransomware called RobbinHood, the latest player in the world of cyberattacks.

The attack was discovered on May 7th, when city officials found that certain critical files were encrypted remotely and could no longer be accessed. The FBI was notified and city systems were taken offline for protection. However, the attackers had already taken down email, voicemail, a parking fines database, and a payment system for water, property taxes, and vehicle citations.


The whole system has roughly 7,000 users, who had to shift many of their operations to “manual mode” as a possible workaround. The real estate transactions system was taken down too, blocking home purchases, which the city only put a fix for in place this week.

The digital ransom note, which was seen by The Baltimore Sun, asked for three Bitcoins per system or 13 Bitcoins in total. The cryptocurrency can’t be traced, which is why it has been asked for in recent ransomware attacks. The value of bitcoins fluctuates a lot too. Today, 13 Bitcoins are worth around $102,000, but when the attack took place, they were worth less than $75,000.

“We are well into the restorative process, and as I’ve indicated, are cooperating with the FBI on their investigation. Due to that investigation, we are not able to share information about the attack. To the extent that we can, we will continue to keep you informed about our process,” Bernard Young, the Mayor of Baltimore, said in a statement.


“Some of the restoration efforts also require that we rebuild certain systems to make sure that when we restore business functions, we are doing so in a secure manner. I am not able to provide you with an exact timeline on when all systems will be restored.”

The situation is another example of the threat of cybercrime on public infrastructures, particularly if it were to occur at a national level. In March 2018, the city of Atlanta, Georgia, was the victim of a ransomware attack that cost them $2.6 million to recover from.

[H/T: The Baltimore Sun