Skip to main content

The City Of Baltimore Blew Off A $76,000 Ransomware Demand Only To Find Out A Bunch Of Its Data Had Never Been Backed Up

The City of Baltimore was hit with a ransomware attack in May of this year. Criminals using remodeled and rebranded NSA exploits (EternalBlue) knocked out a "majority" of the city's servers and crippled many of its applications. More details didn't surface until September when the city's government began reshuffling the budget to cover the expenses of recovering from the attack.

The person in charge of the city's systems was Frank Johnson, who went on leave (presumably permanently) after a post-attack audit found the IT director hadn't done much IT directing.

Johnson, who also serves as the city's chief digital officer, received significant criticism from local authorities for the response to the May 7 attack. City council members alleged a lack of transparency and communication in the wake of the incident, as well as an inability to maintain a functional organization "during an emergency event." He also also never drafted a continuity of operations plan for an IT attack of the kind that occurred.

It looks like the list of stuff Johnson was being paid to do that he never did. Hence the catastrophic outcome when the city refused to pay the $76,000 ransom. Given the fact that $6 million has already been pulled from parks and public utilities funds to "harden" city systems, the $76,000 demand now seems like a bargain.

City residents should be asking WTF their tax dollars are being spent on. The city's audit of its compromised system rolls on, delivering even more embarrassing details about the city's IT skill set. (via Ars Technica)

A new audit of Baltimore’s information technology department says the agency lost key data during May’s ransomware attack because some in the agency used an outdated method for storing files: the hard drives on their individual computers.

[...]

“Performance measures data were saved electronically in responsible personnel’s hard drives,” [Baltimore City Auditor Josh] Pasch reported. “One of the responsible personnel’s hard drive was confiscated and the other responsible personnel’s selected files were removed due to the May 2019 ransomware incident."

Bureaucracies are prone to understatement and the assessment of the ghastly state of affairs by Pasch was no exception. According to Pasch, the permanently-missing data resulted in a "loss of confidence" in the city's IT department's ability to do its job.

This understatement brought the hearing to a halt as council members expressed their disbelief that city data was not being backed up. Their comments were less understated.

Hearing that, City Councilman Eric T. Costello, a former government IT auditor himself, stopped the hearing.

“That can’t be right? That’s real?” Costello asked.

It's apparently real. City data needed for an audit cannot be recovered because the IT department never made an effort to express the dangers of storing the only copy of data locally. It also apparently never made a push to create cloud backups of important files. When the ransomware struck, the stuff locked up was -- in far too many cases -- to only copy of that stuff.

The tragically hilarious postscript to this is the city's response to Ars Technica's request for info on the city's cyberattack recovery plans.

Ars has requested information from the city regarding the contracting details for the recovery, but the city has thus far provided no data. Requests for data on the status of patches and disaster recovery plans were refused because the documents do not exist as a result of the ransomware attack.

It's easy to mock governments for their inability to properly handle the massive amounts of data they collect, create, and retain. And so we shall. The city figures it will cost $18 million to recover from a rejected $76,000 ransom demand. I guess if you're going to play chicken with extortionists, you might want to make sure your backup plans at least meet min spec.



Permalink | Comments | Email This Story


Udimi - Buy Solo Ads from Techdirt. https://ift.tt/2MNwITC
via IFTTT
Labels:

Comments

Post a Comment

Popular posts from this blog

9 VCs in Madrid and Barcelona discuss the COVID-19 era and look to the future

Spain’s startup ecosystem has two main hubs: Madrid and Barcelona. Most observers place Barcelona first and Madrid second, but the gap appears to close every year. Barcelona has benefitted from attracting expats in search of sun, beach and lifestyle who tend to produce more internationally minded startups. Madrid’s startups have predominantly been Spain or Latin America-focused, but have become increasingly international in nature. Although not part of this survey, we expect Valencia to join next year, as city authorities have been going all-out to attract entrepreneurs and investors. The overall Spanish ecosystem is generally less mature than those in the U.K., France, Sweden and Germany, but it has been improving at a fast clip. More recently, entrepreneurs in Spain have moved away from emulating success in pursuit of innovative technologies. Following the financial crisis, the Spanish government supported the creation of startups with the launch of FOND-ICO GLOBAL, a €1.5 billi
Post a Comment
Read more

How to Stay Creative and Keep SEO in Mind

Information Technology Blog - - How to Stay Creative and Keep SEO in Mind - Information Technology Blog Search engine optimization (SEO) refers to customizing your website’s content to ensure that web browsers give your website a high SEO score. The sites with the highest SEO scores are featured on the search engine’s first page of search results for relevant searches.  71%  of the click-throughs happen with articles listed on the first page of results on the search engine. This means that if your website’s article is the second (or third, or fourth page), it’s less likely the search user will even see your article. You want your article to be ranking as close to the top of the first page of results as possible. In order to have a good SEO score your site’s content needs to feature keywords and relevant phrases. It must be optimized for easy navigation between pages. It also needs to be referenced via external links that drive traffic to your site. Incorporating all of these elem
Post a Comment
Read more

Digital World And SEO Challenges In 2020

Information Technology Blog - - Digital World And SEO Challenges In 2020 - Information Technology Blog Can you imagine a life without any digital intervention? Certainly not! We are dependent on the assistance of smart gadgets from ordering food to our tables to book tickets for vacations. Humans are utterly reliant on a masterpiece they have built with their incredible intellects. I am amazed by this. Let’s have a broader look into it. The Era Of Digital Marketing We exist in a time where every single business entity requires assistance from the digital market. It has now put an end to conventional marketing practices. To get your product the desired popularity, one must choose an E-commerce business approach. According to a survey , almost 3.4 billion people (approx. 85% of users) spend about six and a half hours browsing the web. Your customers will be more likely to do an online purchase rather than buying it from a nearby store. So, get a cool website built, use the best pos
Post a Comment
Read more