Ransomware 'RobbinHood' Downs Most City Hall Servers



In Baltimore, Maryland, a government office computer is infected with ransomware and most of its servers are shut down. It is unfortunate that the emergency call system has not been affected, but almost all departments are affected in some way.

Baltimore city government computer network hit by ransomware attack-Baltimore Sun

“RobbinHood” ransomware takes down Baltimore City government networks | Ars Technica

At the press conference, Frank Johnson, Chief Information Officer in Baltimore, revealed that the malware used in the attack was 'RobbinHood', a highly aggressive ransomware. According to the FBI, it is recognized that 'it is a completely new variant of RobbinHood' that was used this time.

Attackers demand 3 BTC (approx. $ 17,600 for 2 million yen) per system from Baltimore City or 13 BTC (approx. 76,300 for $ 8.4 million yen) for the entire city system The payment deadline is 'within 4 days', and if it has not been paid by then, the price goes up, and after 10 days it has threatened that the data can no longer be recovered.

The city of Baltimore had a precedent that was attacked by Ransomware in March 2018. At this time, the emergency call system would be offline. The city's security was up-to-date for two “incidents” in two years, Johnson said.

As of May 9, 2019, two days after the occurrence of the problem, there is no prospect of recovery.

in Security, Posted by logc_nt