Hackers tried to infect a Baltimore 911 computer system with ransomware, the city’s government said on Wednesday.
The attack was a “limited breach” of a computer-aided dispatch network that supports Baltimore’s 911 and 311 services, the city’s chief information officer Frank Johnson said in a statement..
“We were able to successfully isolate the threat and ensure that no harm was done to other servers or systems across the city’s network,” Johnson added. “No personal data of any citizen was compromised in this attack.”
Baltimore’s IT office noticed the attack on Sunday morning. Fortunately, no critical systems were disrupted. The 911 computer system temporarily switched into manual mode, triggering call center support staff to help relay details of the emergency calls to dispatchers. Over 17 hours later the system was fully restored.
News of the intrusion emerged earlier this week, but on Wednesday Baltimore’s city government confirmed that ransomware was involved in the attack.
City officials have so far declined to name or offer details about the ransomware strain. “This is an active investigation. Getting into further details could compromise the investigation,” said Baltimore deputy press secretary James Bently in an email.
However, the city’s chief information officer added: “We have determined that the vulnerability was the result of an internal change to the firewall by a technician who was troubleshooting an unrelated communication issue within the CAD (computer aided dispatch) System.”
Baltimore has been the latest US city hit with a ransomware attack. Last week, the city of Atlanta also experienced a ransomware outbreak that continues to plague its systems.
It isn’t clear if the two attacks are related. Atlanta’s disruption has been attributed to the SamSam ransomware strain; the hackers responsible are demanding the city pay $51,000 to unlock their infected systems.
Ransomware typically strikes by encrypting all the data on a computer, and threatening to delete it, unless the victim pays up. Often times, the malicious code can come through phishing emails or via known vulnerabilities in software. So it’s a good idea to patch your systems and be wary around opening email attachments.