By Peter Chawaga
In a sign of just how critical the digital grid has become, the City of Baltimore is currently being held hostage by cybercriminals following a data breach. Baltimore has been combating the cyberattack for weeks and, among the trove of disruptions it has caused, there has been a direct impact on residents’ water bills and related data.
“For nearly three weeks, Baltimore has struggled with a cyber attack by digital extortionists that has frozen thousands of computers, shut down email and disrupted real estate sales, water bills, health alerts and many other services,” according to The New York Times. “[On May 7,] City workers’ screens suddenly locked, and a message in flawed English demanded about $100,000 in Bitcoin to free their files: ‘We’ve watching you for days,’ said the message, obtained by The Baltimore Sun. ‘We won’t talk more, all we know is MONEY! Hurry up!’”
City officials have refused to pay the ransom and have been able to restore some services but many remain disrupted at the time of this writing. In addition, it appears that the hackers were able to obtain data related to these municipal services, including water service.
“To be clear, the hostage is not a person. It’s data,” KPCW reported. “That data ranges from legislative bills to online payments for water and parking tickets.”
Adding insult to injury, it’s been revealed that the tool the hackers used to breech Baltimore’s data was actually developed in nearby Washington, D.C. by the National Security Agency (NSA).
“Since 2017, when the [NSA] lost control of the tool, Eternal Blue, it has been picked up by state hackers in North Korea, Russia and, more recently, China, to cut a path of destruction around the world, leaving billions of dollars in damage,” per the Times. “But over the past year, the cyber weapon has boomeranged back and is now showing up in the [NSA’s] own backyard.”
To read more about how cyberattacks can affect municipal drinking water systems, visit Water Online’s Resiliency Solutions Center.