clearn.png
Wednesday September 18th, 2019 1:14AM

8 days after cyberattack, Baltimore's network still hobbled

By The Associated Press
Related Articles
  Contact Editor

BALTIMORE (AP) — More than a week after a cyberattack hobbled Baltimore's computer network, city officials said Wednesday they can't predict when its overall system will be up and running and continued to give only the broadest outlines of the problem.

Baltimore's government rushed to take down most computer servers on May 7 after its network was hit by ransomware. Functions like 911 and EMS dispatch systems weren't affected, officials say, but after eight days, online payments, billing systems and email are still down. Finance department employees can only accept checks or money orders.

No property transactions have been conducted since the attack, exasperating home sellers and real estate professionals in the city of over 600,000. Most major title insurance companies have even prohibited their agents from issuing policies for properties in Baltimore, according to the Greater Baltimore Board of Realtors.

Citing an ongoing criminal investigation, Baltimore's information technology boss Frank Johnson and other city leaders said Wednesday they could provide no specifics about the attack from the ransomware variant RobbinHood or realistically forecast when the various hobbled layers of the city's network would be back up.

"Anybody that's in this business will tell you that as you learn more those plans change by the minute. They are incredibly fluid," said Johnson, stressing that city employees, expert consultants and others were working "round the clock" to mend the breached network.

The FBI's cyber squad agents have been helping employees in Maryland's biggest city try to determine the source and extent of the latest attack.

Johnson's tenure has now included two major breaches to the city's computer systems. This month's problems come just over a year since another ransomware attack slammed Baltimore's 911 dispatch system, prompting a worrisome 17-hour shutdown of automated emergency dispatching. The March 2018 attack required operating the critical 911 service in manual mode.

Johnson is one of the city's highest paid employees, earning $250,000 a year. That's more than the mayor, the city's top prosecutor and the health commissioner are paid. This latest attack came about a week after the firing of a city employee who, the inspector general said, had downloaded thousands of sexually explicit images onto his work computer during working hours.

While all municipalities are menaced by malware, cybersecurity experts say organizations that fall victim to such attacks often haven't done a thorough job of patching systems regularly.

Asher DeMetz, lead security consultant for technology company Sungard Availability Services, suggested that eight days was a long time for a network to remain down.

"The City of Baltimore should have been prepared with a recovery strategy and been able to recover within much less time. That time would be dictated by a risk assessment guiding how long they can afford to be down," DeMetz said in an email. "They should have been ready, especially after the previous attack, to recover from ransomware."

City Solicitor Andre Davis said Baltimore was working "hand in glove" with the FBI, Microsoft officials, and expert contractors that he and other officials declined to identify. Before TV news crews, Davis likened the cyberattack to a brutal assault, a comparison that many residents can clearly understand in a city struggling to bring down one of urban America's highest rates of violent crime.

"My preferred way of thinking about it is: The city network was viciously assaulted by a culprit and seriously injured," Davis said. Baltimore's top lawyer portrayed the city network as an injured patient who has emerged from the ICU and faces a "long course of physical therapy."

Baltimore authorities, who hope to prosecute the culprit behind the latest attack, said they were in close contact with counterparts in Atlanta. Last year, a ransomware attack significantly disrupted city operations there and caused millions of dollars in losses. In December, two Iranian men already indicted in New Jersey in connection with a broad cybercrime and extortion scheme were indicted on federal charges in Georgia related to that ransomware attack demanding payment for a decryption key.

It's not clear what culprits are demanding from Baltimore's City Hall.

"We're not going to address or discuss in any way the ransom demand," Davis said.

___

Follow McFadden on Twitter: https://twitter.com/dmcfadd

  • Associated Categories: Associated Press (AP), AP National News, AP Technology News
© Copyright 2019 AccessWDUN.com
All rights reserved. This material may not be published, broadcast, rewritten, or redistributed without permission.
Alaska floatplanes collided at 3,300 feet before crashing
Two sightseeing planes that crashed in southeast Alaska collided at about the 3,300-foot level
7:40PM ( 15 minutes ago )
Officials: PG&E equipment sparked deadly California wildfire
California fire officials say Pacific Gas & Electric Corp. power lines sparked a Northern California blaze that killed 85 people, making it the deadliest U.S. wildfire in a century
7:38PM ( 17 minutes ago )
Met Museum: No more money from family connected to OxyContin
The Metropolitan Museum of Art says it will stop taking money gifts from members of the Sackler family connected to the pharmaceutical company that makes OxyContin
7:38PM ( 18 minutes ago )
Associated Press (AP)
Trump's Iran moves trigger warnings, demands from Congress
Lawmakers from both parties in Congress are demanding more information on the White House's claims of rising threats in the Middle East, warning President Donald Trump off a dangerous escalation with Iran
7:16PM ( 40 minutes ago )
Alabama governor signs near-total abortion ban into law
Alabama's governor has signed the most stringent abortion ban in the nation
7:10PM ( 45 minutes ago )
US abstains from global pledge to curb online violence
Facebook, Google, Twitter and other tech companies have joined a dozen countries in a global pledge to step up efforts to keep internet platforms from being used to spread hate, organize extremist groups and broadcast attacks
7:02PM ( 53 minutes ago )
AP National News
Alaska floatplanes collided at 3,300 feet before crashing
Two sightseeing planes that crashed in southeast Alaska collided at about the 3,300-foot level
7:40PM ( 15 minutes ago )
Officials: PG&E equipment sparked deadly California wildfire
California fire officials say Pacific Gas & Electric Corp. power lines sparked a Northern California blaze that killed 85 people, making it the deadliest U.S. wildfire in a century
7:38PM ( 17 minutes ago )
Met Museum: No more money from family connected to OxyContin
The Metropolitan Museum of Art says it will stop taking money gifts from members of the Sackler family connected to the pharmaceutical company that makes OxyContin
7:38PM ( 18 minutes ago )
Trump to launch new immigration overhaul push
Trump set to lay out yet another immigration plan as he tries to convince the American public and lawmakers that the legal immigration system should be overhauled
7:35PM ( 20 minutes ago )
Judge orders FDA to speed up review of e-cigarettes
A federal judge is ordering the Food and Drug Administration to begin reviewing e-cigarettes
7:19PM ( 36 minutes ago )