Baltimore will not pay ransomware demand: Mayor Young

Original Post from SC Magazine
Author: Doug Olenick

Newly minted Baltimore Mayor Bernard Young said the city has no intention of paying the ransom demand set by the cyberattackers who have locked up a large portion of the city’s servers with Robbinhood ransomware.

The Baltimore Sun
obtained a copy of the ransom note which contained an a la carte demand list
asking for 3 bitcoins, about $17,600, to decrypt individual systems or 13
bitcoins, about $76,000, to decrypt all the city’s systems.

Whether nor not Young will be able to stick with his decision will depend upon whether or not the city can rebuild its databases through its backups and if not the mayor may have to come to another conclusion, said John Burger, ReliaQuest CISO and vice president of threat management.

“If Baltimore has no viable backups available, and there are
no other options, paying the ransom should ultimately be treated as a business
decision. Keep in mind that there are middle ground paths as well — the city
of Leeds Alabama was infected with ransomware and originally told to pay a
$60,000-dollar ransom. They successfully “negotiated” it down to $8,000,”
Burger said.

Chris Dawson, threat intelligence lead at Proofpoint,
believes Baltimore was likely singled out by the attackers who use existing
vulnerabilities in networks and end points to compromise a system, a
methodology he said was used in the Norsk
Hydro
attack earlier this year.

“While the massive campaigns targeting individuals a couple
of years ago often demanded hundreds of dollars to unlock an individual PC, now
threat actors are attempting to take advantage of deeper pockets and higher
stakes to demand much larger ransoms,” he said.

The attack began on May 6 and according to City Union of
Baltimore President Antoinette Ryan-Johnson, many city workers are unable to do
their jobs and that while some work is taking place she understands that every
city department has been impacted in some manner, The
Baltimore Sun
reported.

Among the impacted systems are the city’s email along with
credit card payment systems, Johnson said. And with pay day coming for city
workers the Enoch Pratt Free Library is allowing city agencies to use its
unaffected computer system so staffers can access the payroll system, The Sun
reported.

The post Baltimore will not pay ransomware demand: Mayor Young appeared first on SC Media.


Go to Source
Author: Doug Olenick

Leave a Reply

Your email address will not be published. Required fields are marked *

WordPress Appliance - Powered by TurnKey Linux