- A ransomware attack in Baltimore has shut down numerous government servers, preventing citizens from using essential services and blocking city employees from accessing their emails and computers.
- The attack has been going on for two weeks and Baltimore has refused to pay the ransom.
- This is the second attack on Baltimore in the last 15 months.
- A similar attack in Atlanta last year cost the city an estimated $17 million in fixes.
Government computer servers in Baltimore, Maryland have been held hostage by hackers for two weeks, preventing citizens from accessing essential services and impending government functions.
The attack occurred on May 7, when hackers breached nearly 10,000 government computers and demanded the city pay them 13 bitcoins, now about $100,000, to get their system networks back.
According to the Baltimore Sun, who obtained a copy of the ransom note, the hackers said they would increase the ransom if the city did not pay in four days. If the city did not pay in 10 days, they said it would not get their information and data back at all.
Both those deadlines have come and gone, and the city has refused to pay the ransom, meaning that the servers that were shut down by the attack are still offline.
The hackers used ransomware called RobbinHood, which uses software to block access to servers. In order to get that access back, you need a sort of “digital key.” If the ransom is paid, the hackers would give the city that key. According to experts, replicating the key without the help of the hackers is essentially impossible.
Baltimore officials were first alerted to the ransomware attack when the Department of Public Works reported that their email servers had been shut down.
Once the city realized what was going on, the Office of Information Technology shut down most of the city’s non-emergency system, so the attack would not spread further.
It is not clear how widespread the attack was because the infected systems are still down.
City officials have said that emergency services like 911 dispatch were not affected by the attack, but it has still impacted the citizens of Baltimore and city employees.
Certain systems are down, so residents have not been able to access essential services, like the websites where they pay water bills, property taxes, and parking tickets.
City employees have been locked out of their emails for two weeks now, forcing them to use their own laptops and personal e-mail addresses to get work done.
The issue of government employees using private servers and personal accounts could raise questions about transparency and accountability, as those are practices usually not allowed under normal circumstances.
The attack has also hurt Baltimore’s property market because officials cannot access systems required for real estate sales.
“We are well into the restorative process, and as I’ve indicated, are cooperating with the FBI on their investigation. Due to that investigation, we are not able to share information about the attack.” Baltimore Mayor Jack Young said in a press release. “As I’ve mentioned previously, we engaged leading industry cybersecurity experts who are on-site 24-7 working with us.”
Mayor Young did not say how bad the damage was, nor did he give a definitive timeline for recovery.
“Some of the restoration efforts also require that we rebuild certain systems to make sure that when we restore business functions,” he said. “I am not able to provide you with an exact timeline on when all systems will be restored.”
Other Instances of Cyber Attacks
The attack on Baltimore has raised questions about the importance of safeguarding cities against cyber attacks. This is especially true for Baltimore, as the ransomware marks the second cyber attack the city has had in the last 15 months.
Just last March, a different attack shut down the city’s 911 system for nearly a whole day, forcing dispatchers to give first-responders essential information about emergencies by phone instead of electronically.
While any number of cities or companies are susceptible to being hacked, some experts have argued that Baltimore is especially vulnerable.
“I think broadly they are not prepared for these sorts of things, they do not have the budget,” said Bill Siegel, a chief executive at Coveware told the Wallstreet Journal. His firm helps various entities that have experienced cyber attacks and he said, “I think it’s pretty obvious that they have not been able to stay ahead of it.”
That is not for lack of trying. After last year’s attack, Baltimore City Council President Brandon Scott pushed city officials to invest in strengthening the city’s cyber defenses.
According to Ars Technica, Baltimore’s information security manager also warned that the city needed a formal policy to address cybersecurity during budget hearings last year.
However, the budget did not include any funding for that policy or any other investments in information technology infrastructure. Now it’s coming back to bite them.
That said, Baltimore is not alone. Just the last year, more than 20 different municipalities have been hit by cyber attacks. Last month, Greenville, North Carolina was hit with a similar attack that used the same RobbinHood ransomware.
Last year, Atlanta made headlines when hackers demanded that the city pay $50,000 in bitcoins in another ransomware attack. Like Baltimore, both Greenville and Atlanta refused to pay the ransom.
While that’s exactly what experts and law enforcement officials recommend, often times, the costs of a cyber attack can be much higher than the ransom requested.
According to a report obtained by the Atlanta Journal-Constitution and WSB-TV, the attack in Atlanta ended up costing nearly $17 million to fix.
Unlike Baltimore, Greenville and Atlanta had insurance to cover cybersecurity incidents, so hypothetically, Baltimore could pay even more than Atlanta to restore the city after the hack.
Cybersecurity experts had said it probably will take months for Baltimore to recover, and the costs are expected to be extremely high, which is a burden that could end up in the hands of taxpayers.
See what others are saying: (Vox) (The Wall Street Journal) (The Baltimore Sun)
New COVID-19 Variant Could Become Dominant in the U.S. by March, CDC Warns
- The CDC warned Friday that a new highly transmissible COVID-19 variant could become the predominant variant in the United States by March.
- The strain was first reported in the United Kingdom in December and is now in at least 10 states.
- The CDC used a modeled trajectory to discover how quickly the variant could spread in the U.S. and said that this could threaten the country’s already overwhelmed healthcare system.
CDC Issues Warning
The Centers for Disease Control and Prevention warned Friday that the new COVID-19 variant could become the predominant variant in the United States by March.
While it is not known to be more deadly, it does spread at a higher rate, which is troubling considering the condition the U.S. is already in. Cases and deaths are already on the rise in nearly every state and globally, 2 million lives have been lost to the coronavirus.
The variant was first reported in the United Kingdom in mid-December. It is now in 30 countries, including the U.S., where cases have been located in at least ten states. Right now, only 76 cases of this variant have been confirmed in the U.S., but experts believe that number is likely much higher and said it will increase significantly in the coming weeks. It is already a dominant strain in parts of the U.K.
Modeled trajectory shows that growth in the U.S. could be so fast that it dominates U.S. cases just three months into the new year. This could pose a huge threat to our already strained healthcare system.
Mitigating Spread of Variant
“I want to stress that we are deeply concerned that this strain is more transmissible and can accelerate outbreaks in the U.S. in the coming weeks,” said Dr. Jay Butler, deputy director for infectious diseases at the CDC told the New York Times. “We’re sounding the alarm and urging people to realize the pandemic is not over and in no way is it time to throw in the towel.”
The CDC advises that health officials use this time to limit spread and increase vaccination as much as possible in order to mitigate the impact this variant will have. Experts believe that current vaccines will protect against this strain.
“Effective public health measures, including vaccination, physical distancing, use of masks, hand hygiene, and isolation and quarantine, will be essential,” the CDC said in their report.
“Strategic testing of persons without symptoms but at higher risk of infection, such as those exposed to SARS-CoV-2 or who have frequent unavoidable contact with the public, provides another opportunity to limit ongoing spread.”
See what others are saying: (Wall Street Journal) (New York Times) (NBC News)
Former Michigan Gov. and 8 Others Charged Over Flint Water Crisis
Michigan Gov. Rick Snyder. (Al Goldis/AP)
- Ex-Michigan Gov. Rick Snyder was charged with two counts of willful neglect of duty Wednesday for his role in the Flint water crisis
- By Thursday, eight more former state and city officials were charged with crimes ranging from involuntary manslaughter to extortion.
- Flint residents have long awaited this news. In 2019, prosecutors dropped all criminal charges against 15 officials and said they would start the investigation from scratch, citing concerns about how the special counsel had conducted its probe.
Rick Snyder Charges
Michigan Attorney General Dana Nessel’s office said Thursday that it had filed 41 charges against nine former state and city officials for their role in the Flint water crisis.
The most high-profile figure to be charged was former Michigan Gov. Rick Snyder. On Wednesday, he was hit with two counts of willful neglect of duty.
He was the state’s top executive when local officials decided to switch the city’s drinking water source to the Flint River in 2014.
The switch was supposed to be a temporary cost-saving measure while a pipeline was being built to Lake Huron. However, the water wasn’t treated properly for corrosion, so lead-contaminated water was released into the homes of people all over the city. Because of that, 12 people died and at least 90 were sickened with Legionnaires’ disease.
Snyder appeared in court this morning via Zoom, pleading not guilty to the two misdemeanor charges. If convicted he could face up to a year in prison and as much as a $1,000 fine.
His charges alone are significant because they make him the first governor or former governor in the state to ever be charged with a crime for alleged conduct while in office.
8 Others Charged
Along with Snyder, eight others were charged, including a former state health director Nick Lyon. Lyon received nine charges of involuntary manslaughter, among others.
Richard Baird, one of Snyder’s closes advisors was changed for extortion, perjury, and obstructions of justice. Others who were charged include:
- Jarrod Agen, Snyder’s former chief of staff and Vice President Mike Pence’s former communications director.
- Dr. Eden Wells, a former chief medical executive for the state Department of Health and Human Services.
- Darnell Earley, former Flint finance director and state-appointed emergency manager.
- Gerald Ambrose, former state-appointed emergency manager.
- Howard Croft, former Flint Public Works Director.
- Nancy Peeler, the state’s director of maternal, infant and early childhood home visiting for the health department.
Flint residents have waited a long time for justice over the water contamination issue. Prosecutors previously dropped all 15 criminal charges tied to the Flint case in 2019 and said the investigation would begin again from scratch.
At the time, they cited concerns about how the special counsel had conducted its probe.
It also wasn’t until last year that the state reached a $600 million settlement with victims, establishing a fund from which residents can file for compensation.
See what others are saying: (NPR) (The Detroit News) (Detroit Free Press)
Three Lawmakers Test Positive for COVID-19 Following Capitol Attack
- At least three Congressmembers have tested positive for COVID-19 following Wednesday’s pro-Trump attack on the Capitol.
- Rep. Bonnie Watson Coleman (D-NJ), Rep. Pramila Jayapal (D-Wash.), and Rep. Brad Schneider (D-Ill.) believe they contracted the virus after locking down in close quarters with numerous Republican lawmakers who refused to wear masks.
- Jayapal and Schneider are calling for those who did not wear a mask to face consequences.
Rep. Bonnie Watson Coleman Tests Positive
At least three members of Congress have tested positive for COVID-19 after locking down in close quarters with other House members during Wednesday’s pro-Trump attack on the Capitol.
Congress’ attending physician, Brian Monahan, warned that members may have been exposed during the lockdown. He recommended that everyone who was isolated inside should get tested for the virus.
On Monday Rep. Bonnie Watson Coleman (D-NJ) became the first to announce that she tested positive. Watson Coleman believes she was exposed while in the Capitol lockdown. In her statement, she cited the multiple Republicans who refused to wear masks while inside. Video footage from Punchbowl News shows a Democratic lawmaker handing out masks and a handful of Republicans declining to take one.
Watson Coleman is a 75-year-old lung cancer survivor. While she said she is only experiencing cold-like symptoms, she tweeted that per a doctor’s suggestion, she headed to a local hospital for antibody treatment. She also encouraged those who sheltered in place to get tested.
More Cases Follow
Later on Monday, Rep. Pramila Jayapal (D-Wash.) said she too had tested positive, also blaming a lack of mask-wearing in the Capitol. In a lengthy Twitter thread, she said Republicans created a superspreader event and demanded consequences for their actions.
“Many Republicans still refused to take the bare minimum COVID-19 precaution and simply wear a damn mask in a crowded room during a pandemic—creating a superspreader event ON TOP of a domestic terrorist attack,” she wrote.
“Any Member who refuses to wear a mask should be fully held accountable,” Jayapal added.
“I’m calling for every single Member who refuses to wear a mask in the Capitol to be fined and removed from the floor by the Sergeant at Arms.”
Rep. Brad Schneider (D-Ill.) echoed her frustrations on Tuesday after releasing a statement saying he has become the third House member to have tested positive following the lockdown.
“Today, I am now in strict isolation, worried that I have risked my wife’s health and angry at the selfishness and arrogance of the anti-maskers who put their own contempt and disregard for decency ahead of the health and safety of their colleagues and our staff,” he wrote.
Like Jayapal, he is calling for sanctions against those who opted to not wear masks.
Many health officials feared that this lockdown could lead to a surge in cases. They also worry that the mob itself could lead to a superspreader event as most of those who attacked the Capitol were not wearing masks and were crowding together both inside and outside of the building.