2019 Baltimore ransomware attack

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

During the Baltimore ransomware attack of May 2019, the American city of Baltimore, Maryland had its servers largely compromised by a variant of ransomware called RobbinHood. Baltimore became the second U.S. city to fall victim to this new variant of ransomware after Greenville, North Carolina and was the second major US city with a population of over 500,000 people to be hacked by ransomware in two years, after Atlanta was attacked the previous year.


On May 7, 2019, most of Baltimore's government computer systems were infected with the aggressive ransomware variant RobbinHood. All servers, with the exception of essential services, were taken offline. In a ransom note, hackers demanded 13 bitcoin (roughly $76,280) in exchange for keys to restore access. The note stated that if the demands were not met within four days, the price would increase and within ten days the city would permanently lose all of the data.[1][2][3][4][5][6][7]

The attack had a negative impact on the real estate market as property transfers could not be completed until the system was restored on May 20.[8] However, the restoration of all systems was, as of May 20, 2019, estimated to take weeks more.[9]

Baltimore was susceptible to such an attack due to its IT practices, which included decentralized control of its technology budget and a failure to allocate money its information security manager wanted to fund cyberattack insurance.[9] The attack has been compared to a ransomware attack on Atlanta the previous year, and was the second major use of the RobbinHood ransomware on an American city in 2019, as Greenville, North Carolina was also affected in April.[10]


  1. ^ "A ransomware attack is holding Baltimore's networks hostage". Engadget.
  2. ^ Song, Victoria. "Baltimore's Government Held Hostage by Ransomware Attack". Gizmodo.
  3. ^ Gallagher, Sean (May 8, 2019). ""RobbinHood" ransomware takes down Baltimore City government networks". Ars Technica.
  4. ^ Chokshi, Niraj (May 22, 2019). "Hackers Are Holding Baltimore Hostage: How They Struck and What's Next". The New York Times. ISSN 0362-4331. Retrieved May 29, 2019.
  5. ^ Liptak, Andrew (May 25, 2019). "Hackers reportedly used a tool developed by the NSA to attack Baltimore's computer systems". The Verge. Retrieved May 29, 2019.
  6. ^ "Cyber-spies tight-lipped on Baltimore hack". BBC. May 27, 2019. Retrieved May 29, 2019.
  7. ^ "Microsoft sounded alarm two years ago about NSA hacking tool that reportedly hit Baltimore". Baltimore Brew. Retrieved May 29, 2019.
  8. ^ Stewart, Emily (May 21, 2019). "Hackers have been holding the city of Baltimore's computers hostage for 2 weeks". Vox. Retrieved May 21, 2019.
  9. ^ a b Gallagher, Sean (May 20, 2019). "Baltimore ransomware nightmare could last weeks more, with big consequences". Ars Technica. Retrieved May 21, 2019.
  10. ^ Duncan, Ian; Zhang, Christine (May 17, 2019). "Analysis of ransomware used in Baltimore attack indicates hackers needed 'unfettered access' to city computers". The Baltimore Sun. Retrieved May 28, 2019.

External links[edit]