Ransomware attack against Maryland and Texas cities

Information security services specialists report two new ransomware attack incidents against some U.S. cities. This time is the turn of the city of Baltimore, Maryland, and Potter County, in the state of Texas. The authorities in Texas are about to complete their cybersecurity incident recovery process; on the other hand, Baltimore County suffered the collapse of most of its servers.

Local media reported that Baltimore City hall servers were infected with an unknown ransomware variant that has already infected other computers in the local government network.

In a statement, the Baltimore City Hall mentions: “critical services, such as police, firefighters, etc., operate normally; however, the computer network of the city is infected by a variant of ransomware. We do not have evidence that a data breach has been presented, but we will continue to take precautions; more information will be revealed shortly”.

Information security services specialists working with the city government have not revealed technical details about the attack, the way in which the systems were infected is also unknown.

For the second time during the last year the government of Baltimore suffers an infection of ransomware. The first attack, detected in March 2018, interrupted the city’s emergency call service, so employees had to attend to the calls of the employed population a manual system.

On the other hand, Potter County, Texas, has already restored most of its systems affected by a ransomware attack detected on April 22. According to information security services experts, local government personnel had to resort to the use of pen and paper to work after the attack, as the entire computer network was shut down.

According to reports of specialists from the International Institute of Cyber Security (IICS), the ransomware may have been present on the Potter County networks since the beginning of January 2019; County officials mention that they have been fighting the infection for about two weeks, claiming that they are in the final phase of the recovery process.

It is unknown whether these attacks are linked to recent attacks on the computer infrastructure of some local governments in the U.S., such as the recent hacking attack against Albany, New York.