Baltimore has been hobbled for weeks thanks to Ransomware which looks like it was contracted from an unpatched system – although Ransomware often gets contracted via phishing and spear phishing.

The mayor is doing what any mayor would do – put on a brave face and make it seem like all is well.

The reality is the city has been infected for weeks -residents are being forced to drive to offices to make payments and Gmail accounts being used temporarily were shut off at one point by Google in error.

We mentioned on May 11 the company is back to the stone age and although things are better, they aren’t by much.

As #Ransom Deadline Nears, Baltimore City Continues To Struggle For Fix https://t.co/hNRtf2J0MT#Cybersecurity #cybercrime #cyberattacks #hacker #hack #breach #phishing #dos #ransomware #malware #virus #apt #pii #nist #fcc #finra #hipaa #pci pic.twitter.com/6Yd6QrxJeE

— Rich Tehrani (@rtehrani) May 17, 2019

The story has been ongoing – a lesson should be learned by all businesses and government agencies. Yes, the NSA discovered flaws in computer systems which were subsequently hacked and leaked online. This doesn’t mean blaming the agency is helpful.

#Baltimore seeks answers, help for crippling cyberattack linked to #NSA https://t.co/PiydZo9aaT#Cybersecurity #cybercrime #cyberattacks #hacker #hack #breach #phishing #dos #ransomware #malware #virus #apt #pii #nist #fcc #finra #hipaa #pci pic.twitter.com/cCfjAEL9bP

— Rich Tehrani (@rtehrani) May 28, 2019

The damage to the city so far has been about $18 million and counting.

Still today, the city is dealing with payments manually.

According to city officials, Baltimore’s IT organization has already purchased more than $1 million in new hardware from Dell under an existing contract. And using a provisional staffing contract, the city has begun to bring in temporary workers to help in malware cleanup. It’s not clear whether the cost of that labor has been fully accounted for in the $10 million Raymond said would be spent on the cleanup itself.

Even worse – personal data is being posted online by hackers who are looking to push Baltimore into paying. This means there will likely be costs associated with paying the people whose information was compromised as a result of this attack.

Typically ransomware gets paid or companies wipe their computers and restore from backups – if they have them. It’s worth noting, even when ransoms do get paid – there is no guarantee data will be restored.

This is the first case we’ve seen where data is being posted publicly by the hackers in order to encourage payment.

This could be a new twist for hackers and something to be very concerned about.

So Baltimore is open for business – sort of. It’s better to say they are severely crippled and dealing with increasing amounts of legal and financial liability as time goes on.

We have put together cybersecurity best practices for every organization. We urge you to read the document and live by it.