Police, fire, EMS and 311 were not affected by today’s ransomware attack that left large swaths of Baltimore City government paralyzed.
“Critical city services remain operational,” mayoral spokesman Lester Davis told The Brew, after the malware attack by unidentified hackers began infecting computers at City Hall and other agencies this morning.
By early afternoon, the majority of Internet servers were shut down as thousands of city employees were told to unplug their computers – and some departments dismissed their employees early.
“We have a team of folks who are working with others from the state and federal level. They’ve quarantined the problem and are working diligently to bring the systems back on line,” Davis said.
No Ransom Payments
Ransomware is a type of malicious software that locks up a computer network, usually by encryption, so that users can’t access it. Attackers typically demand a fee (ransom) to decrypt the network, usually in the form of bitcoin.
“The city will not be paying any ransom at all,” Davis declared.
He said he could not predict when the impacted systems would be back online.
As more and more computers froze up this morning, workers were told to unplug Ethernet cables and turn off their computers and printers.
“There’s nothing we can do. Literally, we are just sitting here,” a City Hall employee said.
Activity in the normally busy Wolman Building, where residents pay water and other bills, came to a halt.
Soon the Department of Public Works was tweeting that both its email and customer service phone lines were not working.
“There’s nothing we can do. Literally, we are just sitting here.” – City Hall employee.
At the nearby Benton Building, many employees at the Department of Transportation went home.
And at the mayor’s office of constituent services, a staffer was apologetic, saying, “The system is completely down. They’re been working on it all morning.”
Not the First Attack
This is not the first assault on Baltimore’s Internet infrastructure.
A year ago, in March 2018, Baltimore’s 911 dispatch system was hacked by ransomware, prompting the system to revert to manual mode to handle emergency safety and medical calls.
City personnel labored for more than 15 hours to locate, isolate and take offline the server infected by the malware.