Select Page

Ransomware Attack Targets City Departments of Baltimore

On May 7th, “Robbinhood” ransomware successfully attacked and disrupted city services of Baltimore. At this time, several reports indicate that no progress has been made and local government bodies are simply unable to offer city services due to compromised data and servers. Without effective data protection solutions in place, experts expect high volume of data loss and a prolonged outage of city services.

This just goes to show that ransomware attacks have a huge potential to compromise mission-critical organizational data and lead to disruption and outages. While ransomware attacks have become a common occurrence in the news, organizations, businesses and local governments aren’t as prepared as they should be for such cyber-threats.

This inability to prepare beforehand leads to events such as the one in Baltimore.

Baltimore’s Second Ransomware Attack in 2 Years

This isn’t Baltimore’s first encounter with a ransomware attack. On March 2018, the city’s 911 and 311 automated dispatch was hacked and dispatchers had to switch to manual mode until the problem was taken care of.

A year later, Baltimore’s city services ended up being the victims while the city’s automated dispatch systems remain unaffected.

As a result, the city has to figure out how much data they will be losing whereas people have to endure the delayed response in the provision of services. Basically, the everyday processes of the city have come to a grinding halt.

A report by Baltimore Sun states that hackers are demanding payment of 3 bitcoins per system, or 13 bitcoins in exchange for freeing all the city’s systems. The Mayor however, has clearly said that he has no intention of paying the ransom and that people are working diligently to locate the source and extent of the infection. 

 What’s Really Alarming About Baltimore’s Ransomware Attack?

The local government body released a statement saying that the ransomware attack was quarantined; they still couldn’t say when the systems would be back online. In other words, the disruption would only continue for an unspecified period of time.

Another alarming thing about this situation was that there had been previous a case of ransomware attack on the city a year ago. Don Norris, a professor emeritus at the University of Maryland who also surveyed local government leaders about computer security in 2016, said,

“I’m not surprised that it happened, and I won’t be surprised when it happens again.”

This only shows that despite their recent experience of dealing with a ransomware, the city of Baltimore was not prepared for yet another ransomware attack.

The question here is, if the city of Baltimore had prepared beforehand could this situation have been avoided? The answer to question is a resounding “Yes”. 

How Baltimore Could Have Fend-off this Ransomware Attack?

Evidently, ransomware attacks are getting complex by the day. Hackers and ransomware creators are constantly working to find loopholes and disrupt the system. The rapid evolution of ransomware is making it very difficult for anti-malware and anti-virus programs to keep up with them. It is good practice to setup programs that detect ransomware attacks and protect mission-critical data but what’s better is to have backup and disaster recovery solutions set in place.

 In the case of Baltimore, if they had setup on-premises or hybrid backup and disaster recovery solutions, they could’ve easily recovered and the ransomware attack would have been for nothing.

City departments usually have a mix of frequently access, infrequently accessed, and a great volume of archiving data. That’s why the best approach to it is to setup hybrid backup and disaster recovery solutions. With hybrid backup and DR solutions, the government bodies can keep frequently accessed or hot data copies on their on-premises infrastructure while keeping the less accessed or older copies in the cloud for long term data retention.

The local government body of Baltimore maintains that they’ve had several audits and have gotten clean “bill of health” every time. The fact that they can’t recover, and that a ransomware attack has led to such disruption, suggests otherwise.

So What Are The Takeaways From This “Robbinhood” Ransomware Attack?

Cyber-attacks are a real threat and without preparation organizations, businesses and local governments are leaving themselves vulnerable to disruption, data corruption and data loss. These are the realities that modern organizations have to face today. Fortunately, there are backup and disaster recovery solutions..

By configuring data protection plans, such as the 3-2-1 data protection strategy, organizations can make sure that mission-critical data is always recoverable and protected from ransomware attacks. With reliable ransomware protection solutions configured beforehand, organizations and local governments can continue operating and brush-off ransomware attacks as if they were nothing.

StoneFly offers a wide range of enterprise grade data protection solutions that can facilitate organizations, local governments and federal governments to protect mission-critical data from cyber-attacks and cyber-threats like ransomware. Our products are trusted by nuclear-class submarines to protect their confidential and important data.

Learn more about StoneFly Backup and disaster recovery solutions: DR365V™ – Veeam-ready Backup & Disaster Recovery Appliance

Interested about Ransomware Protection? Talk to our experts today. Send us an email at sales@staging.stonefly.com or give us a call at (510) 265 1616.

The Spear Phishing Survival Guide

The Spear Phishing Survival Guide

Spear phishing stands as the favored gateway for ransomware delivery and infiltrating corporate networks. Shockingly, 36% of data breaches in 2022 involved phishing, with 25% utilizing email as the ransomware attack vector. Guarding against cyber threats and...

Understanding Detection and Response: EDR vs MDR vs XDR vs NDR

Understanding Detection and Response: EDR vs MDR vs XDR vs NDR

In a digitally transformed landscape fraught with ever-evolving cyber threats, the acronyms EDR (Endpoint Detection and Response), XDR (Extended Detection and Response), MDR (Managed Detection and Response), and NDR (Network Detection and Response) have become...

Trigona Ransomware: What is it and How to Defend Against it

Trigona Ransomware: What is it and How to Defend Against it

In an ever-evolving digital landscape, the specter of ransomware looms large, and Trigona stands as a significant player in the realm of cyber threats. This blog delves into the multifaceted world of Trigona ransomware, unraveling its origins, unique characteristics,...

Lockbit Ransomware: Inside the Cyberthreat and Defense Strategies

Lockbit Ransomware: Inside the Cyberthreat and Defense Strategies

In the constantly evolving arena of cybersecurity, the digital landscape is fraught with adversaries lurking in the shadows, ready to exploit vulnerabilities and disrupt the operations of organizations. Among these threats, LockBit ransomware has emerged as a...

What Defending Against Ransomware-as-a-Service (RaaS) Entails

What Defending Against Ransomware-as-a-Service (RaaS) Entails

Ransomware has evolved, becoming a thriving business model for cybercriminals. Ransomware-as-a-Service (RaaS) exemplifies this transformation—a lethal alliance between the creators and distributors of ransomware. It’s no longer a threat relegated to tech...

You May Also Like

WordPress PopUp Plugin

Subscribe To Our Newsletter

Join our mailing list to receive the latest news, updates, and promotions from StoneFly.

Please Confirm your subscription from the email