Md. Congressional Leaders Want To Know 'Who' & 'How' In Baltimore Ransomware Attack
WASHINGTON, DC (WJZ) — Maryland congressional delegation members say when it comes to the ransomware attack on Baltimore, they want to know, "who" and "how."
The leaders, including Senators Ben Cardin and Chris Van Hollen, as well as Rep. Elijah E. Cummings, Dutch Ruppersberger, John Sarbanes and David Trone received a classified briefing from senior employees of the National Security Agency on the recent cyber attack on Baltimore.
"We are all concerned about the reported leak of cyber tools and the potential for serious damage to American cities and companies. When it comes to the ransomware attack in Baltimore, we all want to know, 'who' and 'how.'"
"Yesterday, we heard that current evidence suggests the city's network was infected via a phishing effort by malware known as RobbinHood. We urge against further speculation until the investigation is complete and look forward to sharing more as we learn more. We are grateful for the FBI's ongoing efforts and plan to fully engage with DHS to strengthen systems in Baltimore and across the country to keep this from happening in the future."
RELATED STORIES:
- Woes Continue For Baltimore City Employees After Ransomware Attack
- Md. Leaders Seek Briefing From NSA On Report That NSA Tool Was Used In Ransomware Attack
- First Day For Manual Real Estate Workaround As Baltimore's Computers Remain Crippled By Ransomware
- Baltimore Delegation Request FBI Briefing On Baltimore Ransomware Attack
The ransomware attack hit the City earlier last month and is estimated to cost the city more than $18 million, council member Isaac "Yitzy" Schleifer said.
Baltimore Mayor Jack Young and other city leaders reiterated that number in a press conference Tuesday, and added it cost $10 million to repair and rebuild the computer systems, $8 million in deferred revenue and lost fines/fees.
City officials said they would not pay any ransom.
They said July property tax bills will be out as usual. Baltimore's AA Bond rating was not impacted by the attack, according to the finance director.
They added that they hope a report on forensics behind the attack is complete by July.
The City said it has reauthenticated 35 percent of employee computer system users- providing new usernames and passwords- as well as payment of parking/red light and speed cams.
Officials said all costs incurred will be subject to audit and the city can use emergency contracts and on-call contractors without Board of Estimates approval.
They said they were able to recover information on tickets through May and directed people to come to Wolman Building Room 2 to pay or clear registration flags.
The Department of Public Works noted water meters are still operational but the system that provides billing is not.
DPW Director Rudy Chow warned that customers should expect a larger bill in the future when all water usage since the ransomware attack will be tallied together. He noted DPW was not assessing late fees.
The suspected hacker repeatedly taunted Mayor Young on Twitter.
That alleged hacker also tried to contact various reporters including WJZ Investigator Mike Hellgren.
Twitter has now suspended the account.
City officials are not commenting on the cause of the attack.
The city encourages anyone with questions to call 311 and posted this message on its website.
