Baltimore's government computer system was hit reportedly with Robbinhood ransomware yesterday shutting down most of the city’s servers and forcing the city council to cancel meetings.
The Baltimore Sun obtained a copy of the ransom note which contained an a la carte demand list asking for 3 bitcoins, about $17,600, to decrypt individual systems or 13 bitcoins, about $76,000, to decrypt all the city’s systems.
The city has four days to pay or the price would escalate and after 10 days the servers would be wiped.
“Baltimore City core essential services (police, fire, EMS and 311) are still operational but it has been determined that the city’s network has been infected with a ransomware virus. City employees are working diligently to determine the source and extent of the infection,” Tweeted Baltimore Mayor Bernard Young.
Young also said the city does not believe any data has been removed from the system, but to prevent any further spread or possible future exfiltration the servers have been placed offline.
Greenville, N.C. was victimized by Robbinhood in April that had effectively knocked the city offline, but managed to recover without having to resort to paying the ransom demand.
Atlanta was hit last summer with SamSam ransomware that did a similar level of damage to its computer systems. The city did not pay the ransom and struggled to get back online with the price tag for the recovery came close to $20 million.