BALTIMORE (WJZ) — Google disabled some of the Gmail accounts city workers were using while theirs remained down from a ransomware attack. Gmail requires a paid plan for business use.
Later Thursday evening, Google said they had restored access to the Gmail accounts for the city officials.
“We have restored access to the Gmail accounts for the Baltimore city officials. Our automated security systems disabled the accounts due to the bulk creation of multiple consumer Gmail accounts from the same network.” — a Google spokesperson said.
Sheryl Goldstein is the Chief of Staff for Operations—in charge of Baltimore City’s cyber attack response. She started the job last week. Goldstein tells WJZ Investigator Mike Hellgren she will not give a timetable for a full recovery but says Atlanta should serve as a good guideline.
She says it took that city six months to get most services up and running after its ransomware attack.
“We don’t want to disclose what we’re doing publicly and jeopardize the security of the system during the recovery process,” Goldstein said.
Goldstein said there are two teams working on the attack. One is focused on forensics and the other on recovery.
She points out that real estate lien transactions are now being processed at numbers close to 150 a day. That’s almost the pace pre-attack. A manual workaround started Monday at the Wolman building next to City Hall.
“I feel like they’re increasing every day. People are getting used to the process,” Goldstein said.
She encouraged anyone with problems or questions to call 311.
Late payment fees remain suspended for water bills and traffic citations.
Maryland’s United States Congressional delegation wrote a letter to the FBI director asking for a briefing on Baltimore’s cyber stacking once the criminal investigation is complete.
Among the topics they want the FBI to address:
- The identity of the individuals or groups responsible and the methods used in the attack
- What federal resources were available to the City to respond to the attack and regain control of its systems
- What resources were actually provided to the City
- What resources are available to assist the City in enhancing its cybersecurity to prevent similar attacks in the future
- Details of similar attacks to other municipalities and states, and steps your agencies and those governments took in the wake of those attacks
- What additional authority or funding Congress could provide to assist in recovery or prevent similar attacks on state and local governments around the country
You can read the full letter here.