Malware

City of Baltimore Seeking FEMA Relief After Ransomware Attack

Government Officials Request FEMA Relief to Help Cover Costs Associated with Ransomware Attack

As you may know, the City of Baltimore was hit with ransomware earlier this month. The ransom demands were approximately $100,000, and the city is refusing to pay. However, after three weeks of attempted remediation efforts, the networks are still down. City employees even created free GMail accounts in an attempt to restore email communication; however, Google shut that down, as using personal email accounts for business purposes is not permitted.

As the costs continue to rise, Baltimore City Council President, Brandon Scott, reported he has requested for Governor Larry Hogan to seek a federal emergency and disaster declaration. If declared, the FEMA request would reimburse the city for damages, costs, and repairs related to the attack through federal funds.

This may sound fair, considering it is causing issues throughout the city of Baltimore. However, the hackers were able to exploit Baltimore’s networks through the Eternal Blue vulnerability. This is the same NSA exploit used to spread the first global attack, WannaCry, over two years ago. A patch for this vulnerability has been available for two years. So, because the City of Baltimore didn’t install this patch, their systems became infected with ransomware. Granted, hackers shouldn’t hack, and the city was the victim — but how hard can you play the victim role, when there was a way to avoid the mess, to begin with??

Beyond a failed patch management system, the city’s security solution was ineffective as well. Although the door was left open through Eternal Blue, that doesn’t mean a guaranteed infection. The malware, in this case, ransomware, still had to execute. In order to execute, it had to bypass the security solution. The best way to avoid malicious software from bypassing a security solution is to deploy an antivirus solution that utilized application whitelisting as its primary method of malware prevention.

So not only could the infection have been avoided through patch management, but also by deploying a better security solution. Yet, the city is requesting federal funds to help cover the costs.

What do you think? Should they be granted the FEMA declaration?

Stop Responding to Threats.
Prevent Them.

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles