The US city of Baltimore has been partially paralyzed since 7 May, when a ransomware attack seized parts of the government’s computer systems. As soon as the city discovered that it had been attacked, it informed the FBI and took its systems offline in an effort to keep the infection from spreading.
But not before the attack took down voicemail, email, a parking fines database, and a system used to pay water bills, property taxes and vehicle citations. Real estate transactions were also shut down. It was lousy timing, given that this is one of the real estate industry’s busiest times of the year. The Baltimore Sun reported that hundreds of property sales could have been affected: A real estate agent with access to industry data told the newspaper that at least 1,500 sales were pending in Baltimore.
But a sliver of good news came when Mayor Bernard Young’s office announced that the city had developed a manual workaround that would allow real estate transactions to resume during the outage. Earlier, the mayor’s office had said that the city is “well into the restorative process.” The work includes rebuilding some systems in a way that will ensure that when business functions are restored, they’ll be functioning securely.
According to Fox News, a recent analysis of the city’s cybersecurity defenses found that the network was “out of date in terms of security, staffing, and infrastructure to prevent attacks.” Unlike both Greenville and Atlanta – which was hit by a SamSam attack last year – Baltimore doesn’t have an insurance policy to cover cybersecurity incidents. Baltimore’s head of computer security reportedly told City Council members last year at a budget hearing that the city needed one, but it didn’t happen.