RobinHood ransomware attacks that the paralyzed government from Baltimore could come to UW city

Baltimore & # 39; s city government has been paralyzed by a ransomware cyber attack for almost a month – and cities around the world may be next, experts fear.

Advertisements

The city's computer systems were outdated and IT experts failed to install adequate updates to protect against attacks, which would have prevented their spread.

This is a problem that affects almost all major companies and cities around the world and some in the tech sector fear that similar attacks will only increase in number.

Andrew Martin, CEO of cyber security company DynaRisk, told MailOnline: & # 39; Free patches have been around for two years and could have corrected the error, but large companies and government agencies often have legacy systems on the ground.

& # 39; Sometimes they only have to update them once a year and they may not have set enough budgets to update thousands of servers and computers.

& # 39; Any city or company with the same vulnerabilities will be difficult to update and potentially at risk. & # 39;

The hack echoes 2017's devastating WannaCry attack on computers in 74 countries, including Russia, Turkey, Germany, Vietnam and the Philippines

Advertisements

Scroll down for video

The Baltimore city council has been paralyzed for almost a month by a ransomware cyber attack that could have been prevented, experts claim. & # 39; RobbinHood ransomware & # 39; closed several computers in the Baltimore government buildings on 7 May

The Baltimore city council has been paralyzed for almost a month by a ransomware cyber attack that could have been prevented, experts claim. & # 39; RobbinHood ransomware & # 39; closed several computers in the Baltimore government buildings on 7 May

WHAT HAPPENED IN 2019 BALTIMORE HACK?

Baltimore was the newest major American city, after Atlanta, Georgia and San Antonio, Texas, to be hit by a ransomware attack in May 2019.

Smaller cities such as Greenville, North Carolina and Allentown, Pennsylvania were also targeted.

The Baltimore attack focused on the Microsoft Windows operating system and blocked the town hall computer system, online sales and real estate sales.

The RobbinHood virus uses a Microsoft code vulnerability known as EternalBlue.

Advertisements

Andrew Martin, CEO of cyber security company DynaRisk, told MailOnline: & # 39; Eternalblue and RobbinHood are completely separate.

& # 39; Eternalblue can be seen as the channel through which the RobbinHood virus can be delivered. & # 39;

EternalBlue was developed by the National Security Agency (NSA) with its headquarters in Maryland.

The hack tool, which leaked from the NSA, was put on the internet in April 2017 by & # 39; Shadow Brokers & # 39 ;, a hack group that popped up for the first time in mid-2016.

The & # 39; RobbinHood ransomware & # 39; closed several computers in Baltimore's government buildings on May 7 and hackers demanded £ 100,000 (£ 78,000) in Bitcoin.

Advertisements

The attack has disabled voicemail, e-mail, a database with parking fines and a system for paying water bills, property taxes and vehicle citations.

The local government of the city has refused to pay the ransom contribution, which abuses the encryption of Microsoft systems.

RobbinHood virus uses a Microsoft code vulnerability known as EternalBlue and first discovered by NSA.

Mr. Martin added: & # 39; Eternalblue and RobbinHood are completely separate.

& # 39; Eternalblue can be seen as the channel through which the RobbinHood virus can be delivered. & # 39;

Advertisements

Leaked out by the NSA, the hack tool was posted on the internet in April 2017 by & # 39; Shadow Brokers & # 39 ;, a hack group that first emerged in mid-2016.

M. Martin revealed that patches for protection are freely available after they were released two years ago and can easily be installed technically.

Problems arise when a versatile organization struggles to stay up-to-date and has different & # 39; legacy systems & # 39 ;.

Tyler Moore, an associate professor of cyber security at the University of Tulsa, wrote in an article The Washington Post that such repairs have been able to limit the damage enormously.

RobbinHood caused enormous disruptions in Baltimore after shutting down several computers in the city government.

Advertisements

Mr. Martin added: "The attack has hit consumers hard, but indirectly.

& # 39; People were unable to conclude real estate transactions and this is understandably hugely traumatic for these people. & # 39;

Another simple but effective method that the city of Baltimore has not implemented is the presence of offline backups that would be immune to the threat.

If these had been entered, the problem could have been solved much faster.

The Baltimore City Hall (photo) was the target of a cyber attack. The attack has disabled voicemail, e-mail, a database with parking fines and a system for paying water bills, property taxes and vehicle citations

The Baltimore City Hall (photo) was the target of a cyber attack. The attack has disabled voicemail, e-mail, a database with parking fines and a system for paying water bills, property taxes and vehicle citations

The Baltimore City Hall (photo) was the target of a cyber attack. The attack has disabled voicemail, e-mail, a database with parking fines and a system for paying water bills, property taxes and vehicle citations

The WannaCry attack of 2017 exposed a vulnerability in the system of computers and spread at a speed of up to five million emails per hour.

Many of the computers were infected or had to be turned off as a precaution.

WannaCry and RobbinHood are noticeably different, but can take advantage of the same weakness in Microsoft coding.

Exact details of the virus code and the way in which it is transmitted must still be revealed, as the attack is still ongoing.

WHAT WAS THE WANNACRY ATTACK?

Advertisements

In May 2017, a huge ransomware virus attack spread to the computer systems of hundreds of private companies and public organizations around the world.

The software shut down computers and asked for a digital ransom before the control was returned safely.

In just a few hours, the malware had already been killed in at least 74 countries, including Russia, Turkey, Germany, Vietnam and the Philippines – and it was estimated that it was spreading at a speed of five million emails per hour.

Hospitals and doctors' practices in England were forced to reject patients and cancel appointments after the attack had paralyzed the NHS.

The WannaCry virus was aimed at the widely used Microsoft Windows operating system.

Advertisements

The virus encrypts certain files on the computer and then blackmails the user for money in exchange for access to the files.

It leaves the user with only two files: instructions on what to do next and the program Wanna Decryptor itself.

Advertisements

The hackers asked for payments of around £ 230 ($ 300) in Bitcoin.

Upon opening, the software tells users that their files are encrypted and gives them a few days to pay or their files are deleted.

It can quickly spread across an entire network of computers in a company or hospital and encrypt files on any PC.

Advertisements

. (TagsToTranslate) Dailymail (t) sciencetech

- Advertisement -