Mayor: City of Baltimore will have to rebuild some IT systems to recover from cyber attack - Technical.ly Baltimore

Civic

May 20, 2019 12:28 pm

Mayor: City of Baltimore will have to rebuild some IT systems to recover from cyber attack

Many systems are in "manual mode" as a result of the ransomware attack. The latest system to require a workaround: real estate.

Many of the City of Baltimore’s IT systems were taken offline on May 7 following a crippling cyber attack. Nearly two weeks later, these systems remain shut down as the city works with outside experts to restore systems, and the FBI investigates the Robbinhood ransomware attack.

On Friday, Mayor Bernard C. “Jack” Young released an update stating that the city was “well into the restorative process.” He also indicated that parts of that process take time. This includes deploying “enhanced monitoring tools” for 7,000 network users in order to contain the attack. Young also said that restoration also requires that “we rebuild certain systems to make sure that when we restore business functions, we are doing so in a secure manner.”

“I am not able to provide you with an exact timeline on when all systems will be restored. Like any large enterprise, we have thousands of systems and applications,” Young said. “Our focus is getting critical services back online, and doing so in a manner that ensures we keep security as one of our top priorities throughout this process. You may see partial services beginning to restore within a matter of weeks, while some of our more intricate systems may take months in the recovery process.”

(The weeks-to-months timeline squares with what we’re hearing from the cybersecurity community).

Officials have maintained that emergency services such as 911 and 311 service are continuing, and said other agencies have shifted “operations into manual mode and established other workarounds to facilitate the continued delivery of services to the public.”

Showing the scope involved in this change, the statement also included a list of some of the services that were affected.

  • On a wide operational scale, email and voicemail are not operational, though phone systems are online. The city’s online bill payment system is offline, and while bills can still be paid in person, late fees are suspended.
  • The mayor’s office also notes that the parking fines database cannot be accessed, but there’s a workaround to help citizens retrieve vehicles from the city impound lot.
  • New permits aren’t able to be received, but existing applications are being processed.
  • DPW is helping customers over the phone or in-person, and summer camp applications are being accepted in-person.
  • Open Baltimore, the city’s public records database, isn’t being updated, either, the Baltimore Sun reported.

Among the systems most directly affecting day-to-day business beyond government is that of real estate transactions, including home sales. Young said that the city would begin a manual workaround to this on Monday. While it remains unable to access financial records for a key document called a lien certificate to be generated, the city will allow people to sign a document that states they agree to pay outstanding charges that may be shown on the certificate. This must take place in-person at the Abel Wolman Municipal Building near City Hall.

Advertisement

“The bottom line is that if you’re trying to buy a home in Baltimore or purchase a commercial property, you can show up on Monday and get your Lien Certificate,” Young said. “It’s going to take a few extra steps, but we should be up and running right away.”

As recovery continues, there is also indication that the city’s overall cybersecurity posture will be discussed even when systems are restored.

Late last week, City Council President Brandon Scott said a new committee would be organized on “cybersecurity and emergency preparedness.”

Chaired by Councilman Eric Costello and Councilman Isaac “Yitzy” Schleifer, the committee will look at the response to the attack, obtain expert testimony and examine the city’s overall coordination on cybersecurity.

The latest attack comes after the city’s 911 system was temporarily shut down by a ransomware attack last year. On Friday, the Baltimore Sun reported that city Chief Information Officer Frank Johnson told the city’s planning commission in January that the city was “woefully behind in cybersecurity capabilities, staff needs and infrastructure.”

And it’s been a concern in municipal circles, as Atlanta was attacked last year. Before the latest in Baltimore, Greenville, N.C., also fell victim to the Robbinhood ransomware.

Scott started his own statement this way: “This cyber attack against Baltimore City government is a crisis of the utmost urgency.”

Companies: City of Baltimore
-30-
JOIN THE COMMUNITY, BECOME A MEMBER
Already a member? Sign in here

Advertisement

These Baltimore students learned Python and put it to work at the city’s Department of General Services

Here’s a look at Baltimore’s proposed rules and regulations for e-scooters, e-bikes

Congressman: ‘No evidence’ that NSA cyberweapon was used in Baltimore

SPONSORED

Baltimore

Building a data acquisition system? Don’t make this mistake

Baltimore

14 West

Senior Java Software Engineer

Apply Now

6 takeaways on the future of data privacy

NYT: Tool used in cyber attack on City of Baltimore was developed at Maryland-based NSA

Google regrants access to Baltimore workers’ temporary Gmail accounts shut off during ransomware recovery

SPONSORED

Baltimore

How SmartLogic accelerated these startups’ product growth trajectories

Baltimore, MD 21201

14 West

Senior Data Engineer

Apply Now
Baltimore, MD

SmartLogic

Product Designer

Apply Now
Baltimore, MD 21201

14 West

Customer Success Associate

Apply Now

Sign-up for daily news updates from Technical.ly Baltimore

Do NOT follow this link or you will be banned from the site!