Cyber ​​security experts warn Baltimore against ransomware attacks


Cybersecurity experts have said that Baltimore was playing with fire while the deadline to pay ransoms in thousands of dollars to hackers holding several servers in the city is now over.

It's been two weeks since a cyberattack paralyzed Baltimore's computer network. The internet thieves initially wanted 13 bitcoins – about $ 100,000 – but the amount has since increased by $ 10,000 a day. The deadline for payment – Friday – has expired. The city does not say if it paid but several servers were still unusable Monday.

"What's frustrating with Baltimore is that the infection took a lot of time," Tobias told Tobias, CEO of Cytelligence. "If they are not fully up to date, why are they still playing with that?"

Tobok, whose company has helped 500 municipalities affected by ransomware attacks, says that it does not necessarily advocate paying cyber crooks, but believes that in some cases, "you do not have the choice, you must make a business decision. "

He also warns that if Baltimore continues to stall, the result could be devastating.

"Baltimore plays with time," he said. "They will come to a point where they have two choices – A. The (ransom demands) will skyrocket or B. Hackers will close the account they've used and exit."

If this happens, any communication or hope of restoring the data could be put aside, Tobok said.

Rupert Choudhry, a resident of Baltimore, says he "holds his breath" and fears that it may be calm before another even bigger storm.

"We are all in a wait-and-see mode," Choudhry told Fox News.

The cyber squad of the FBI and Microsoft experts have worked tirelessly to help the largest city in Maryland. The mayor's office told Fox News Monday that there had been no increase in the severity of the attack, but did not provide more details to this subject.

On Friday, Mayor Jack Young said that he was not able to provide "a specific timetable for the restoration of all systems."

"Like any big business, we have thousands of systems and applications," he said in a statement sent to Fox. "Our goal is to restore essential services online and to do so so that safety remains one of our top priorities throughout this process."

He added that the city could see "partial services begin to restore in a few weeks" while some of the more complex systems could take months in the recovery process. "

The attack itself has already had a devastating domino effect in Charm City. Residents have not been able to pay their bills online; financial services employees can only accept checks and money orders. No real estate transactions have been carried out since the attack. Most major title insurance companies have even banned their agents from issuing policies for real estate in Baltimore, according to the Greater Baltimore Board of Realtors.

Citing the ongoing criminal investigation, Frank Johnson, the city's chief information officer, and other city leaders said their hands were tied and they could not provide details on the issue. attack or predict realistically when the city would be operational.

They have several "alternatives" in place that allow some departments to slowly return to business. Johnson called the situation incredibly fluid.

"Everyone who works in this sector will tell you that as you learn more, these plans will change to the minute," he said.

Unfortunately, this is not the first time Baltimore has encountered cyberattacks.

The city's computer systems have suffered two major violations under Johnson's supervision.

The latest set of problems comes a little over a year after a new ransomware attack hit Baltimore's 911 dispatch system, causing a 17-hour break in automated dispatch. The March 2018 attack required the operation of the critical 911 service in manual mode.

Johnson is one of the highest paid employees in the city and earns $ 250,000 a year. It's more than the mayor, the attorney general and the health commissioner are paid.

This latest attack took place about a week after the dismissal of a city employee who, according to the Inspector General, had downloaded thousands of sexually explicit images on his work computer.

While all municipalities are threatened by malicious programs, cybersecurity experts say that organizations that have been victims of such attacks often have not done extensive work to regularly patch systems.

Asher DeMetz, senior security consultant for technology company Sungard Availability Services, told The Associated Press that the number of days off from Baltimore's servers is unusually long.

"The city of Baltimore should have been prepared with a recovery strategy and be able to recover in a much shorter time. This time would be dictated by a risk assessment indicating how long they could afford to stay down, "said DeMetz. "They should have been ready, especially after the previous attack, to recover ransomware."

In the last month alone, Stuart City, Florida, New York State, Imperial County, Cleveland Airport, Genesee County, Fisher County, Texas and the School District of Sugar City are among the known cyberattacks.

Source link