Per The Baltimore Sun, city officials had created Gmail accounts in the wake of ransomware attackers demanding $100,000 in Bitcoin. This was after the baltimorecity.gov official email addresses were knocked out. However, on Thursday the free email accounts that the city officials created were disabled.
When trying to send emails to the Gmail accounts belonging to the city officials the sender would get the following message: “The email account that you tried to reach is disabled.”
Google Deems Bulk Creation of Gmail Accounts Suspicious
A Google spokesperson explained that this occurred because the automated security system of the tech giant had been triggered. This was after the ‘bulk creation of multiple consumer Gmail accounts from the same network’. Google’s automated security system normally flags such activity because it might be exploited to commit fraud or send spam. Google has since then restored access to Gmail to the affected Baltimore city officials.
The incident occurred as the ransomware attack approaches its third week. The ransomware known as RobbinHood seized control of around 10,000 computers belonging to the city on May 7.
Besides knocking out the baltimorecity.gov email addresses, the ransomware attack resulted in the online payment system getting shut down. Property deed applications in the city were also hampered. The hackers demanded Bitcoin worth $100,000. At current prices that’s about 12.55 Bitcoin.
Baltimore Can’t Pay, Won’t Pay Bitcoin Ransom
The city has, however, declined to pay the ransom and has engaged cybersecurity experts and the FBI. Baltimore has also opted for a manual workaround of some of the services offered. This includes real estate transactions.
The City of Baltimore has developed a manual workaround that will allow real estate transactions to proceed during the City’s technology outage. Starting tomorrow, the Wolman Municipal Building will be open from 7am – 7pm, Monday – Friday. Instructions below – please share! pic.twitter.com/lvvoa7maTX
— Bill Henry (@BillforBmore) May 19, 2019
This is not the first time that the city of over 600,000 people is coming under a ransomware attack. Last year in March Baltimore’s 911 and 311 dispatch system was temporarily shut down after a ransomware attack on the servers that run the dispatch system.
After the technology outage, the city reverted to manual dispatching. At the time, the CIO in the Mayor’s Office of Information Technology dubbed it a ‘self-inflicted wound’.
Bitcoin Ransom: Catch 22 Situation
In refusing to pay the bitcoin ransom, Baltimore is following the example of other U.S. cities such as Atlanta. While this should not be taken as encouraging crime, not paying the ransom has sometimes proved to be more expensive.
In the case of Atlanta, for instance, the attackers were demanding Bitcoin worth $52,000. However, after the city’s refusal to pay up, the Atlanta Journal Constitution reported that the city could incur costs of about $17 million directly related to the ransomware attack.
Confidential report: Atlanta’s cyber attack could cost taxpayers $17 million https://t.co/OOu3JKmQXX
— Rhonda Cook (@rhondacook55) August 1, 2018
Last year in February, Colorado’s Department of Transportation (CDOT) computer network was infected with ransomware. In this particular case, the attackers demanded 3 Bitcoin as ransom but the CDOT refused to pay. About two months later, the costs of the restorative efforts were estimated to have reached $1.5 million.
Cyber attack on CDOT computers estimated to cost up to $1.5 million so farhttps://t.co/jofbWSbd9i
— Kristen Meriwether (@MeriwetherK) April 6, 2018