Environ 10 000, c’est le nombre d’ordinateurs municipaux verrouillés depuis trois semaines. Ils sont bloqués depuis le 7 mai, jour où les autorités de Baltimore ont découvert que leur ville était victime d’une cyberattaque. Cela est problématique car ces ordinateurs contiennent des informations essentielles pour le bon fonctionnement des services municipaux : boîtes mail des employés de la mairie, fichiers de travail, données liées aux caméras de surveillance… Cette attaque touche également les habitants de la ville. Ils ne peuvent payer leurs factures d’eau ou les impôts fonciers en ligne car le service qui y était dédié fait partie des plateformes bloquées. 1500 ventes immobilières ont aussi été suspendues. Lire l’article du Figaro
La question à 100 000 dollars
Should the city pay the ransom? Mayor Jack Young, a Democrat, was firmly against the idea at first. « That’s just like us rewarding bank robbers for robbing banks« , he told the press. « No, we’re not going to pay a ransom. » But now the mayor is signaling some flexibility. Asked again this week about whether Baltimore would pay the ransom, Young told the interviewer: « To move the city forward I might think about it. » If Baltimore were a private company, with its annual budget of around $3.5 billion, it likely would have paid the modest ransom of three Bitcoins to recover its computers (and then secured its systems to prevent a repeat). « Many consumers opt to pay rather than lose their precious photo and video memories, financial records, and other files they value, » an F-Secure report says. A ProPublica article last week revealed that outside consultants hired by victims often just pay the ransom (sometimes negotiating discounts or extensions for their clients). Lire l’article de Reason
Critics and defenders of the National Security Agency faced off this weekend over a New York Times report detailing how hackers who locked up Baltimore’s computer networks for the past two weeks relied partly on a leaked NSA hacking tool. The tool, dubbed EternalBlue, has also been used to lock up city networks in San Antonio and Allentown, Pa., the Times’s Nicole Perlroth and Scott Shane reported. Critics say the NSA is hellbent on developing dangerous hacking tools to use against adversaries and isn’t adequately preparing for what happens when those tools leak and are used against U.S. targets. Lire l’article du Washington Post
It may not have been someone in city government clicking on something “bad” in their email. Nor was it likely a “targeted” attack because most ransomware is automated and simply scans for vulnerabilities. But once the attackers were into Baltimore’s network, they knew what they were dealing with – a dangerously ill-prepared, kludged-together municipal IT system. “Fixing this is going to require a view across all the city’s agencies and a reckoning with 20 years of crud – information technology crud – that is now there”, says tech journalist and analyst Sean Gallagher. Lire l’article du Baltimore Brew
La solution ?
With advanced tech, smartphones in the hands of every individual, and the occasional self-driving car on the street, one might think that we are living in some futuristic society. Unfortunately, many industries are still stuck with old systems. The recent ransomware attack on Baltimore’s city government highlights the fact that many institutions are facing increasingly higher risks for being reluctant to change. The ransomware attack on Baltimore, Maryland’s city government computers specifically affected systems that were needed to complete property deals in the region. As a result, during one of the real estate industry’s busiest times of the year, all relevant transactions were put on hold. When it comes to system evolution, the situation is a cold reminder that Baltimore and many other counties in the U.S. somehow got left by the wayside. Lire la tribune de Natalia Karayaneva dans Forbes