Hackers are demanding a bitcoin ransom.
- Some 10,000 of Charm City's computers were attacked.
- Important day-to-day city functions are out of commission.
- Many municipalities are believed to be under-protected from hackers.
Stealing from everyone to pay the hackers<img type="lazy-image" data-runner-src="https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8xOTU1NDg2My9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTYzMzE2MTcyOX0.nyIgoF5nVMY9dV1sQNSTFmnau5_HNwUP2xD25QwALzQ/img.jpg?width=980" id="fa5ef" class="rm-shortcode" data-rm-shortcode-id="46001ca564b08f143ace406d899424c4" data-rm-shortcode-name="rebelmouse-image" />
Image source: Gorodenkoff/Shutterstock<p>On May 7 2017, an estimated 10,000 computers operated by the city of Baltimore, Maryland were taken over by a ransomware program called <a href="https://www.bleepingcomputer.com/news/security/a-closer-look-at-the-robbinhood-ransomware/" target="_blank">RobbinHood</a>. The cybercriminals behind the attack digitally delivered a demand for three <a href="https://bigthink.com/reuben-jackson/bitcoin-101-everything-you-need-to-know-about-investing-buying-and-mining-digital-currency" target="_self">bitcoins</a> per sub-system (worth about $17,600 at the time), or 13 bitcoins (about $76,280) for the whole shebang before they would surrender control of all of the computers. They also noted that if the ransom wasn't paid within four days, the price would go up.</p><p>The <a href="https://www.baltimoresun.com/news/maryland/politics/bs-md-ci-it-outage-20190507-story.html" target="_blank"><em>Baltimore Sun</em></a> acquired a copy of the "ransom note," which made clear the purpose of the attack and the need to act promptly: "We won't talk more, all we know is MONEY! Hurry up! Tik Tak, Tik Tak, Tik Tak!" (An expert told the <em>Sun</em> that misspellings and weird grammar are often deliberately used by hackers to throw off investigations, so the strange language doesn't necessarily mean the perpetrators are not native English speakers.) The note included the usual ransom warnings against involving the authorities (the FBI in this case) or begging for a decline extension, "so don't ask for more times or somethings like that." The city immediately noticed the FBI regardless.</p><p>Baltimore mayor Bernard Young told reporters, "Right now, I say no. But in order to move the city forward? I might think about it. But I have not made a decision yet."</p>
The impact of the attack<img type="lazy-image" data-runner-src="https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8xOTU1NDg2OC9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTYwODk0MjA5NX0.MH4p0nIjMJsyU6y27757LdGYCjI6WY1V4QSLQFjUOAo/img.jpg?width=980" id="dc023" class="rm-shortcode" data-rm-shortcode-id="6720fd042933f2da708b72e048439901" data-rm-shortcode-name="rebelmouse-image" />
Image source: Mgeyer/Shutterstock<p>While the attackers fortunately didn't target emergency services such as 911 and 311, they did invade a majority of Baltimore's servers. Among those were the city's email and voice mail; their parking-fine computers; their payment portal for water bills, vehicle citations, and property taxes; and the city's system for processing real estate transactions — some 1,500 pending home sales are simply stuck for the time being. </p><p>Fortunately, the local hospitals have been more vigilant than the city, and keep their computers better protected against hacking — Robbinhood is having no effect on them.</p>
The future of ransomware<img type="lazy-image" data-runner-src="https://assets.rebelmouse.io/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpbWFnZSI6Imh0dHBzOi8vYXNzZXRzLnJibC5tcy8xOTU1NDg3MS9vcmlnaW4uanBnIiwiZXhwaXJlc19hdCI6MTYwODQzNjc2M30.cwAQDjgiX7RUS9Gtcd_AOP1661pMqOa-1XGXRtsJVc8/img.jpg?width=980" id="beae9" class="rm-shortcode" data-rm-shortcode-id="f15620c2d5b2099481cfdecdd635f5de" data-rm-shortcode-name="rebelmouse-image" />
Baltimore at night
Image source: Mgeyer/Shutterstock<p>That a municipality such as <a href="https://www.baltimoresun.com/news/bs-xpm-1995-07-18-1995199190-story.html" target="_blank">Charm City</a> had not sufficiently strengthened its defenses against cyberthreats, and thus found itself vulnerable, is no big surprise. In addition to the financial cost of staying ahead of the cyber-bad guys, politicians in local, state, and federal governments are often stunningly obtuse when it comes to technology, and are often well behind the curve. Don Norris of University of Maryland tells the <em>Sun</em>, "You've got increasingly sophisticated and very persistent bad guys out there looking for any vulnerability they can find, and local governments, including Baltimore, who either don't have the money or don't spend it to properly protect their assets."</p><p>2017's <a href="https://en.wikipedia.org/wiki/WannaCry_ransomware_attack" target="_blank">WannaCry</a> ransomware attack — allegedly courtesy of the North Korean government — made clear just how vulnerable the world's systems are to malicious hacking. It hit tens of thousands of systems in over 100 countries that were running Microsoft Windows as their operating system. In the same year, some American hospitals were also attacked, as were corporations in Ukraine, Russia, Israel, France, and the UK.</p><p>In general, cyberattacks and ransomware have come to the fore as certainly among the most worrying threats to modern life. From power grids to water supplies to military infrastructure to banking systems, everything is networked, everything is software, and it's all potentially hackable. That nothing has brought our entire civilization crashing down is likely more due to a lack of intent than any particular technical challenge.</p><p>Baltimore's experience is a warning to system administrators at all levels and in both the public and private sectors to stay sharp, and proof that spending precious dollars to keep systems protected — painful as it may be to divert these funds from other important uses — is unfortunately money well worth spending.</p>
Adults tend to become lazy with their thinking, backing into moral and ethical wrongdoing without noticing fully what they’re doing.