Most of the servers at City of Baltimore shut down after ransomware attack

For the second time in a year, systems of the city of Baltimore has been hit by a ransomware attack, forcing officials to shut down a majority of them.

The city of Baltimore shut down most of its servers in response to a ransomware attack that hit its network.

Baltimore Mayor Bernard C. Jack Young confirmed that City’s critical public safety systems, such as 911, 311, emergency medical services and the fire department were not impacted by the ransomware attack.

“Critical city services remain operational,” mayoral spokesman Lester Davis told The Brew, after the malware attack by unidentified hackers began infecting computers at City Hall and other agencies this morning.

By early afternoon, the majority of Internet servers were shut down as thousands of city employees were told to unplug their computers – and some departments dismissed their employees early.” reported the BaltimoreBrew website.

“We have a team of folks who are working with others from the state and federal level. They’ve quarantined the problem and are working diligently to bring the systems back on line,”

Feds along with city IT staff are investigating the incident to determine the way hackers had penetrated the city’s network and the extent of the cyberattack.

The ransomware attack on the Baltimore City Hall began on Tuesday morning and infected systems on city’s network with an unknown piece of ransomware,

Young also says the city technology officials are working diligently to determine the origin and extent of the cyber attack that left large swaths of Baltimore City government paralyzed.

City Hall personnel were forced to disconnect their computers from the internet to prevent the infection from spreading.

Director of Public Works told customers that City’s officials are temporarily unable to “take calls to discuss water billing issues,” while Finance Department blocked cash payments.

At this time is not known how much amount the attackers have demanded as a ransom, anyway the City will not pay it.

“The city will not be paying any ransom at all,” Democratic Mayoral spokesperson Lester Davis.

In March 2018, another attack hit the City of Baltimore, part of its 911 service was taken down during the weekend. The attackers targeted a specific server and took down the CAD system from 8.30am Saturday until around 2 am Sunday.

In April 2018, other cities fell victim of malware attacks. Systems at the city of Stuart, Fla., were infected by the Ryuk ransomware on April 13, 2018, while the City of Albany had its computer systems infected with the malware.

In the past, similar attacks were reported in the US, in January the City Hall of Del Rio, Texas, was hit by a ransomware attack and operations were suspended.

In November 2018, the City of Spring Hill, Tenn, suffered a ransomware attack,

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – ransomware, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.