Baltimore government finally gives up and pays $6M USD for ransomware attack

The serious ransomware attack that Baltimore recently suffered has pushed the city government to make extraordinary decisions. According to ethical hacking specialists, after a long meeting government officials decided to transfer about $6 million USD from the public works fund to assist in the May ransomware attack incident recovery process.

These resources will help the city’s IT staff cover the incident recovery costs, as well as start implementing measures to improve their IT security ecosystem; “It’s a necessary investment,” said the chairman of the Estimates Board, Bernard C. Young.

In addition, Young noted that it was agreed to take these $6 million USD from the recreation, parks and public spaces funds of the city. “It was necessary for our ethical hacking teams to take back control of our critical IT infrastructure,” he added. The city government has also considered hiring an insurance policy against cybersecurity incidents.

In this regard, the Baltimore government has already received a contract proposal that, in exchange for about $850k USD would provide insurance of up to $20 million USD in cybersecurity incident coverage. The coverage would be offered by AXA and Chubb Insurance jointly, with $10 million in coverage each.

The officials responsible for the city budget, in collaboration with ethical hacking specialists, say the total cost of recovery from this incident is at least $18.2 million USD. Of the total cost about $10 million would be expended in recovery costs, while the remaining money will be used to cover losses caused by ransomware infection, resulting from fine payment, utilities and various taxes. On the other hand, the attackers demanded a ransom of 13 Bitcoin, equivalent to about $150k USD according to the cryptocurrency current exchange rate.

However, city government spokesman Lester Davis mentions that, to the extent that some of the city’s systems are restored, revenue will start flowing again, so in the end the recovery cost might be lower than expected. In addition, when questioned about the hiring of the insurance policy against cybersecurity incidents, the spokesman mentioned: “This is one of the main objectives of the city government, so hopefully it can be realized as soon as possible.”

According to ethical hacking specialists from the International Institute of Cyber Security (IICS) the incident occurred last May, when a group of threat actors unlawfully accessed the city’s systems, infecting them with a variant of unidentified ransomware and demanding a ransom of hundreds of thousands of dollars. Although hackers managed to compromise most of the Baltimore government’s servers, authorities decided not to pay the ransom and notify federal agencies.

Reports of ransomware attacks against U.S. government agencies have increased significantly for at least the past two years. This is mainly due to poor security measures implemented in some local governments, making them easy prey for hackers.