Cybercriminals are holding Baltimore hostage
Hackers are demanding a bitcoin ransom.
- Some 10,000 of Charm City's computers were attacked.
- Important day-to-day city functions are out of commission.
- Many municipalities are believed to be under-protected from hackers.
For some time, the internet's seamy underbelly has been the domain of hackers. The image of a teen banging away on a bedroom keyboard wreaking malicious havoc has become a stereotype. Yet, in addition to these lone wolves, we're becoming ever-more aware of worldwide, government-sponsored and operated programs that involve the manipulation of connected devices, not to mention the covert theft and surveillance of our personal data. And then there's ransomware — software unknowingly downloaded to a computer system it can hold hostage until a demand for real-world ransom is met. Ransomware isn't new — Big Think wrote in 2016 about Plainfield, New Jersey's unhappy experience — but now a major American city is seeing a significant number of its services shut down by hackers looking for a payday.
Stealing from everyone to pay the hackers
Image source: Gorodenkoff/Shutterstock
On May 7 2017, an estimated 10,000 computers operated by the city of Baltimore, Maryland were taken over by a ransomware program called RobbinHood. The cybercriminals behind the attack digitally delivered a demand for three bitcoins per sub-system (worth about $17,600 at the time), or 13 bitcoins (about $76,280) for the whole shebang before they would surrender control of all of the computers. They also noted that if the ransom wasn't paid within four days, the price would go up.
The Baltimore Sun acquired a copy of the "ransom note," which made clear the purpose of the attack and the need to act promptly: "We won't talk more, all we know is MONEY! Hurry up! Tik Tak, Tik Tak, Tik Tak!" (An expert told the Sun that misspellings and weird grammar are often deliberately used by hackers to throw off investigations, so the strange language doesn't necessarily mean the perpetrators are not native English speakers.) The note included the usual ransom warnings against involving the authorities (the FBI in this case) or begging for a decline extension, "so don't ask for more times or somethings like that." The city immediately noticed the FBI regardless.
Baltimore mayor Bernard Young told reporters, "Right now, I say no. But in order to move the city forward? I might think about it. But I have not made a decision yet."
The impact of the attack
Image source: Mgeyer/Shutterstock
While the attackers fortunately didn't target emergency services such as 911 and 311, they did invade a majority of Baltimore's servers. Among those were the city's email and voice mail; their parking-fine computers; their payment portal for water bills, vehicle citations, and property taxes; and the city's system for processing real estate transactions — some 1,500 pending home sales are simply stuck for the time being.
Fortunately, the local hospitals have been more vigilant than the city, and keep their computers better protected against hacking — Robbinhood is having no effect on them.
The future of ransomware
Baltimore at night
Image source: Mgeyer/Shutterstock
That a municipality such as Charm City had not sufficiently strengthened its defenses against cyberthreats, and thus found itself vulnerable, is no big surprise. In addition to the financial cost of staying ahead of the cyber-bad guys, politicians in local, state, and federal governments are often stunningly obtuse when it comes to technology, and are often well behind the curve. Don Norris of University of Maryland tells the Sun, "You've got increasingly sophisticated and very persistent bad guys out there looking for any vulnerability they can find, and local governments, including Baltimore, who either don't have the money or don't spend it to properly protect their assets."
2017's WannaCry ransomware attack — allegedly courtesy of the North Korean government — made clear just how vulnerable the world's systems are to malicious hacking. It hit tens of thousands of systems in over 100 countries that were running Microsoft Windows as their operating system. In the same year, some American hospitals were also attacked, as were corporations in Ukraine, Russia, Israel, France, and the UK.
In general, cyberattacks and ransomware have come to the fore as certainly among the most worrying threats to modern life. From power grids to water supplies to military infrastructure to banking systems, everything is networked, everything is software, and it's all potentially hackable. That nothing has brought our entire civilization crashing down is likely more due to a lack of intent than any particular technical challenge.
Baltimore's experience is a warning to system administrators at all levels and in both the public and private sectors to stay sharp, and proof that spending precious dollars to keep systems protected — painful as it may be to divert these funds from other important uses — is unfortunately money well worth spending.