Ransomware Cyber Attack on Baltimore City Services Investigated by FBI

More than two weeks after a cyber attack, 10,000 of Baltimore's city government computers remain frozen. 

The attack occurred on May 7. Hackers demanded ransom to unlock the computers, but the city has refused to pay. 

The Wall Street Journal reports the FBI is investigating the attack. The newspaper says the attack has stopped water bills and delayed the sales of homes, but key services like 9-1-1 haven't been hurt.

It's the second cyber attack on Baltimore in 15 months.

Baltimore Mayor Jack Young says it could be months before some computer systems are restored, but the city is not going to pay, according to NPR. 

While all municipalities are menaced by malware, cybersecurity experts say organizations that fall victim to such attacks often haven't done a thorough job of patching systems regularly.

Asher DeMetz, lead security consultant for technology company Sungard Availability Services told The Associated Press the city's network should have been back up by now. 

"The City of Baltimore should have been prepared with a recovery strategy and been able to recover within much less time. That time would be dictated by a risk assessment guiding how long they can afford to be down," DeMetz said in an email. "They should have been ready, especially after the previous attack, to recover from ransomware."

Baltimore authorities, who hope to prosecute the culprit behind the latest attack, said they were in close contact with counterparts in Atlanta. Last year, a ransomware attack significantly disrupted city operations there and caused millions of dollars in losses. 

In December, two Iranian men already indicted in New Jersey in connection with a broad cybercrime and extortion scheme were indicted on federal charges in Georgia related to that ransomware attack demanding payment for a decryption key.