Baltimore City Cryptocurrency Ransomware Attack Will Cost At Least $18 Million 

Baltimore has been struggling with an aggressive cyber-attack over the last five weeks, previously profiled here, it has now been revealed the attack will cost the city $18.2 million, reported WBAL-TV 11.

The cost estimates were disclosed at a recent City Council budget hearing: city officials have already paid $4.6 million for recovery efforts since the ransomware was discovered May 7 and could spend an additional $5.4 million in 2H19. The remaining $8.2 million is from the loss or delayed revenue and loss of interest and penalty income.

As of Tuesday, 35% of city employees had their email accounts restored, with the possibility of a full system restore by the end of the week.

Some city operations have been shut down for the last month. Public works officials said no residents have received water bills because of the cyber attack.

Three weeks ago, we reported all essential systems required for transacting real estate deals in the city went offline becuase of the hack.

Realtor R.J.Breeden, the owner of The Breeden Group, who has dozens of homes listed throughout the city, said the hack is a loss of confidence in city officials. Breeden said several of his deals last month didn't close because the title company he uses couldn't write a deed without accessing lien certifications on city severs.

Hackers demanded the city pay an $80,000 ransom in Bitcoin on May 7, but Mayor Bernard C. "Jack" Young refused to pay. To be fair, the cost of a full system restore of the city's servers would have been in the millions of dollars if the ransomware was paid.

"Even if you pay, you still have to go into your system and make sure they're out of it. You can't just bring it back up and believe they are gone. We would bear much of these costs regardless," Deputy Chief of Staff, Sheryl Goldstein, said.

Rep. Dutch Ruppersberger was briefed last week by the National Security Agency that the Baltimore ransomware attack had nothing to do with a stolen NSA tool, contrary to our earlier reporting.

Members of Maryland's congressional delegation, including Sens. Ben Cardin and Chris Van Hollen and Reps. Ruppersberger, Elijah Cummings, John Sarbanes and David Trone, received a classified government briefing on Monday about the incident.

"Yesterday, we heard that current evidence suggests the city's network was infected via a phishing effort by malware known as RobbinHood," the members said in a statement. "We urge against further speculation until the investigation is complete and look forward to sharing more as we learn more. We are grateful for the FBI's ongoing efforts and plan to fully engage with DHS to strengthen systems in Baltimore and across the country to keep this from happening in the future."

The Baltimore ransomware incident serves as an important reminder that cybersecurity on the municipality level is greatly needed - shows how one cyber attack can paralyze an entire city.