The city of Baltimore is pushing for a disaster designation in the wake of a crippling ransomware attack. Officials from the city are currently seeking Federal aid to pay for the damage after learning from a New York Times report that the “Robbinhood” ransomware used the EternalBlue exploit developed by the National Security Agency (NSA).
EternalBlue is part of a set of tools created for the NSA’s Tailored Access Operations (TAO) group. These tools were later leaked by Shadow Brokers in 2017. It was then deployed two months later as part of WannaCry, the destructive cryptographic worm that began affecting thousands of computers worldwide. Shadow Brokers has been linked by security experts to a Russian intelligence agency; WannaCry has been attributed to North Korea’s military.
Robinhood Ransomware Attack
The “Robbinhood” ransomware attack has shutdown major governmental systems in Baltimore for over three weeks. This includes everything from police department systems to its the city’s property tax portal that are currently down. Government emails are unusable, payments to city departments cannot be made online and real estate transactions cannot be completed.
The unknown hackers are demanding around $100,000 in Bitcoins to end their seizure of the city’s vital systems. Baltimore City Mayor Jack Young has said the city will not pay the ransom.
Baltimore Under Siege
It seems inevitable that an entire city municipality would become the target of massive Ransomware attack. Previously, two Iranian hackers led a campaign of cyber terror using an advanced form of ransomware. Known as SamSam, the ransomware program paralyzed computer networks across North America and the United Kingdom. In addition, the hackers themselves collected as least $6 million and caused at least 30 million in losses. Ultimately, the U.S. Department of Justice was able to track them down and indict the hackers for this scheme.
As of the date of this article, most of Baltimore City’s government systems are facing a continuing lockout of their services. Furthermore, this situation has now become one of the most extensive cyber attacks in history, affecting nearly every important aspect of city life for Baltimore residents. Despite the impact on residents, the blockchain crypto press has largely ignored this situation.
Ransomware Attacks Rising
Over the past few years, Ransomware attacks are steadily increasing as more IT startup companies emerge into the public sphere. Therefore with a lack of options available, blockchain organizations are choosing to pay the ransoms to avoid the devastating consequences.
In addition, a study by ProPublica found that most ransomware attacks have a large degree of success. This is due in large part to businesses and individuals being willing to pay hackers in cryptocurrency. Similarly, case studies have shown that hackers use Bitcoin as part of large money laundering operations which may involve using multiple Bitcoin addresses to obscure transactions. Rather than capitulate, the Baltimore government is calling upon all available resources and Federal support to investigate and find the criminals responsible. The finding of liability for the NSA by Federal officials is still in progress.