By Dwight A. Weingarten
In the wake of a cyber attack that made many online systems in Baltimore city government inoperable, Rep. Elijah E. Cummings said that the city and others need increased cybersecurity investments.
“One of the biggest problems is that a lot of our municipalities like Baltimore are vulnerable because we have not necessarily had the resources to put in to updating the systems,” the Maryland Democrat said in an interview this week.
According to the Baltimore City IT Department’s 2018 Strategic Plan, the investments in the city’s IT systems would need to increase from $30 million to nearly $130 million to be up with industry benchmarks.
The ransomware attack on Baltimore’s network on May 7 disabled many of the city’s services, and a ransom demand of about $100,000 in bitcoin was made. The city has not paid the ransom so far, and federal and local officials said they are investigating the source of the attack.
Cummings and other members of the Maryland congressional delegation were briefed by senior officials of the National Security Agency on earlier this week regarding the cyberattack.
The New York Times reported that an NSA tool called EternalBlue, which exploits a vulnerability in Microsoft software, which had been leaked in 2017 and used by cybercriminals against numerous countries since then, was used in the Baltimore attack.
Noting that the FBI and other agencies are investigating the attack, Cummings said, “That investigative process in and of itself hopefully will help us get it resolved.”
The cybersecurity challenges municipalities are facing are “a moving target,” Cummings said. “You have to have constant surveillance and be prepared to make all appropriate changes.”
Approximately 90 percent of Baltimore city employees’ email capabilities could be restored by the end of the week, after the attack disabled email and many of the city’s online services, said James Bentley, a spokesman for Baltimore Mayor Bernard C. “Jack” Young (D).
About 30 percent of the city’s email services are operational now, and the city is bringing systems back online by creating a new secure environment and quarantining the attack, Bentley said.
Dwight A. Weingarten is a reporter for Medill News Service.