Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

5/22/2019
02:45 PM
100%
0%

Baltimore Email, Other Systems Still Offline from May 7 Ransomware Attack

The city's mayor says there's no 'exact timeline on when all systems will be restored.'

The city of Baltimore's email system remains down today as it continues its recovery from a massive ransomware attack on May 7 that is under investigation by the FBI. 

Baltimore suffered an attack from the so-called Robbinhood ransomware variant but vowed not to pay the ransom, which has not been made public. As of today, the city was unable to send or receive email messages, and Baltimore Mayor Bernard C. "Jack" Young said in a statement on Friday that it's unclear just when all of the city's systems would be available. 

"I am not able to provide you with an exact timeline on when all systems will be restored. Like any large enterprise, we have thousands of systems and applications. Our focus is getting critical services back online, and doing so in a manner that ensures we keep security as one of our top priorities throughout this process. You may see partial services beginning to restore within a matter of weeks, while some of our more intricate systems may take months in the recovery process," he said.

Some systems are being rebuilt, he said. "We are well into the restorative process, and as I've indicated, are cooperating with the FBI on their investigation. Due to that investigation, we are not able to share information about the attack."

Researchers at Armor, who have studied the attack, confirmed that as of this posting, no monies had been paid to the Bitcoin wallet address used in the city's ransom note or to the wallet assigned to the City of Greenville, N.C., which was also hit by the same ransomware earlier.

Read more here

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
5/22/2019 | 3:47:45 PM
Cities on a tight budget
Many have said that towns and civic government in general are on the bare bones side of an IT budget, so they lack the fancy dan products available in the industry.  I say BAH, HUMBUG.  One cannot ignore the basics of the trade and shame to IT professionals who do not advocate for and act upon backup strategy and restore strategy.  It is not ransomware that can destroy - a failed server, a failed hard drive set can be just as bad and require as much time to fix.  Desktop imaging is a mature technology now.  Anybody hear at base of something called GHOST?  It works in a pinch.  Standard images for systems should exist somewhere and  be backed up.  These are not fancy things folks!   They are dead dumb basic and any IT department or staffer should advocate for them or not be in the industry.  At the least backup CRITICAL DATA by itself.  It can be done and is done.  I remember Iron Mountain taking out our backup tapes on September 10, 2001.  Oh yeah, that was a good thing.  1 day late the data center on 103rd floor was gone.   Backups are as old as the IT industry is.  Woe betide our profession if we do not obey the most basic rules of them all, and the oldest. 
The Mainframe Is Seeing a Resurgence. Is Security Keeping Pace?
Ray Overby, Co-Founder & President at Key Resources, Inc.,  8/15/2019
The Flaw in Vulnerability Management: It's Time to Get Real
Jim Souders, Chief Executive Officer at Adaptiva,  8/15/2019
Tough Love: Debunking Myths about DevOps & Security
Jeff Williams, CTO, Contrast Security,  8/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-5638
PUBLISHED: 2019-08-21
Rapid7 Nexpose versions 6.5.50 and prior suffer from insufficient session expiration when an administrator performs a security relevant edit on an existing, logged on user. For example, if a user's password is changed by an administrator due to an otherwise unrelated credential leak, that user accou...
CVE-2019-6177
PUBLISHED: 2019-08-21
A vulnerability reported in Lenovo Solution Center version 03.12.003, which is no longer supported, could allow log files to be written to non-standard locations, potentially leading to privilege escalation. Lenovo ended support for Lenovo Solution Center and recommended that customers migrate to Le...
CVE-2019-10687
PUBLISHED: 2019-08-21
KBPublisher 6.0.2.1 has SQL Injection via the admin/index.php?module=report entry_id[0] parameter, the admin/index.php?module=log id parameter, or an index.php?View=print&id[]= request.
CVE-2019-11601
PUBLISHED: 2019-08-21
A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location.
CVE-2019-11602
PUBLISHED: 2019-08-21
Leakage of stack traces in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to gather information about the file system structure.