Hackers Take Entire City Hostage—Demand Bitcoins22.05.2019

The assault on Baltimore’s IT infrastructure took place on May 7. The attackers used RobbinHood, a ransomware suite that locks the target behind a cryptographic algorithm many in the industry consider uncrackable. 

The hackers used what is commonly known as ransomware—a piece of malicious software that encrypts targeted computer systems and prevents the user from accessing the systems themselves or the data stored within. According to NPR, hackers used the ransomware to seize around 10,000 government computers in Baltimore, the largest city in the state of Maryland. 

Inhabited by over 600,000 residents, the Baltimore metro area ground to a halt in the wake of the attack. Since the attack two weeks ago, government officials and employees have been shut out from their computers and emails account, while residents citizens have been unable to access essential city services and government websites they use to pay their utility bills, taxes, and parking tickets. 

Hackers demanded 13 bitcoins, about $100,000, to release the city from their  grip. Annoyed by the city government’s attempts at negotiation, the attackers later issued a statement: “We won’t talk more, all we know is MONEY! Hurry up! Tik Tak, Tik Tak, Tik Tak!” Unfazed, Baltimore’s mayor, Jack Young, refused to bow to the ransom demands, and as a result, the city still has not recovered control of its computer systems. The attack follows a similar attempt against the city’s digital infrastructure from last year, which resulted in a 24-hour shutdown of the city’s emergency alert system and left the residents unable to contact emergency services. 

Ransomware attacks against municipal IT infrastructures have become quite common, especially in the US. The usual victims include city governments, schools, security firms, airports, and other soft targets that are widely known for lax cybersecurity procedures and using outdated and vulnerability-ridden computer systems. According to data from 2018, it is estimated that ransomware attackers can harvest up to a billion dollars per year from their  victims.