Baltimore: Ransomware attack hobbled city's dispatch system

A ransomware attack hobbled Baltimore's 911 dispatch system over the weekend, a city official confirmed Wednesday, prompting a roughly 17-hour shutdown of automated emergency dispatching.

Earlier this week, Mayor Catherine Pugh's office didn't specify the nature of the cyberattack. But on late Wednesday afternoon, her chief information officer announced that it was caused by "ransomware perpetrators."

"We were able to successfully isolate the threat and ensure that no harm was done to other servers or systems across the city's network," said Johnson, who described it as a "limited breach."

But the cyberattack in Baltimore prompted a worrying shutdown of automated emergency dispatching from early Sunday into Monday and required the transition of the critical 911 service to manual mode.

"Anything that would disrupt the public's access to emergency services is very critical," said Brian Fontes, CEO of the National Emergency Number Association, a Virginia-based organization focused on 911 issues.

Baltimore's difficulties came days after another ransomware cyberattack staggered the city of Atlanta's computer network.

Atlanta officials said their attack included the encryption of some city data and caused outages for numerous city applications, but it did not affect police and fire emergency response systems, water supply safety or the Hartsfield-Jackson Atlanta International Airport. On Tuesday, Atlanta city employees were advised to turn on their computers and printers for the first time since the cyberattack hit the city's network last week.

In Baltimore, Johnson said the mid-Atlantic city's network was actually made vulnerable by an "internal change to the firewall" by a technician who was troubleshooting another issue within the automated dispatch system.

Johnson said that no personal data of any city resident was compromised.

Experts say that ransomware exploits known software vulnerabilities, and often organizations that fall victim to such attacks haven't done a thorough job of patching systems regularly.

Baltimore officials said they weren't aware of any specific ransom demand made by the hack into the dispatch system, but they called it a ransomware attack.

The FBI and other authorities are investigating both the Baltimore and the Atlanta cyberattacks.

___

David McFadden on Twitter: https://twitter.com/dmcfadd