2019 Baltimore ransomware attack

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

The Baltimore ransomware attack occurred in May 2019, in which the American city of Baltimore, Maryland had its servers largely compromised by a new variant of ransomware called RobbinHood. Baltimore became the second U.S. city to fall victim to this new variant of ransomware after Greenville, North Carolina and was the second major city in the country with a population of over 500,000 people to be hacked by ransomware in two years, after Atlanta was attacked the previous year.


On May 7th 2019, most of Baltimore's government computer systems were infected with a new and aggressive ransomware variant named RobbinHood. All servers, with the exception of essential services, were taken offline. In a ransom note, hackers demanded 13 bitcoin (roughly $76,280) in exchange for keys to restore access. The note also stated that if the demands were not met within four days, the price would increase and within ten days the city would permanently lose all of the data. [1][2][3][4][5][6][7]

The attack had a negative impact on the real estate market as property transfers could not be completed until the system was restored on May 20th.[8] However, the restoration of all systems was, as of May 20, 2019, estimated to take weeks more.[9]

Baltimore was susceptible to such an attack due to its IT practices, which included decentralized control of its technology budget and a failure to allocate money its information security manager wanted to fund cyberattack insurance.[9] The attack has been compared to a previous ransomware attack on Atlanta the previous year, and was the second major use of the RobbinHood ransomware on an American city in 2019, as Greenville, North Carolina was also affected in April.[10]



  1. ^ "A ransomware attack is holding Baltimore's networks hostage". Engadget.
  2. ^ Song, Victoria. "Baltimore's Government Held Hostage by Ransomware Attack". Gizmodo.
  3. ^ Gallagher, Sean (May 8, 2019). ""RobbinHood" ransomware takes down Baltimore City government networks". Ars Technica.
  4. ^ Chokshi, Niraj (May 22, 2019). "Hackers Are Holding Baltimore Hostage: How They Struck and What's Next". The New York Times. ISSN 0362-4331. Retrieved May 29, 2019.
  5. ^ Liptak, Andrew (May 25, 2019). "Hackers reportedly used a tool developed by the NSA to attack Baltimore's computer systems". The Verge. Retrieved May 29, 2019.
  6. ^ "Cyber-spies tight-lipped on Baltimore hack". BBC. May 27, 2019. Retrieved May 29, 2019.
  7. ^ "Microsoft sounded alarm two years ago about NSA hacking tool that reportedly hit Baltimore". Baltimore Brew. Retrieved May 29, 2019.
  8. ^ Stewart, Emily (May 21, 2019). "Hackers have been holding the city of Baltimore's computers hostage for 2 weeks". Vox. Retrieved May 21, 2019.
  9. ^ a b Gallagher, Sean (May 20, 2019). "Baltimore ransomware nightmare could last weeks more, with big consequences". Ars Technica. Retrieved May 21, 2019.
  10. ^ Duncan, Ian; Zhang, Christine (May 17, 2019). "Analysis of ransomware used in Baltimore attack indicates hackers needed 'unfettered access' to city computers". The Baltimore Sun. Retrieved May 28, 2019.