Hackers have been holding the city of [______] computers hostage for 2 weeks

Started by ergophobe, May 23, 2019, 04:31:29 AM

gm66

Nasty RSA4096 encryption. I've helped a couple of local companies with lesser attacks but I don't know of any decrypt tools for this one specifically.
Civilisation is a race between disaster and education ...

Drastic

I was thinking that was a pretty bad precedent to set. This is going to get ugly.

rcjordan

>precedent

Prior to this, my feeds have turned up a few small cities being ransomed.  So this definitely looks like a trend.

I'm not sure if Greenville NC eventually paid the ransom:

City of Greenville bouncing back from ransomware attack
https://www.wnct.com/news/local-news/city-of-greenville-bouncing-back-from-ransomware-attack/1957044760

IMO, small cities are a perfect target.  Their IT tends to be 10-15yrs behind the times and their IT security is worse.  System management is handed down to the next bureaucrat who takes the job. They learn to run the system but don't know or understand the databases & files.  And city council doesn't want to pay for anything.

ergophobe

Quote from: rcjordan on June 27, 2019, 01:13:07 PM
IMO, small cities are a perfect target.  Their IT tends to be 10-15yrs behind the times

As I mentioned previously I think, we had a discussion about this on the utility committee and the operator said we didn't have anything to worry about in terms of hackers. To adjust our small-time systems, someone has to go there and physically turn a dial. There's no aspect of our system that can be hacked remotely except for interrupting the electrical supply.

So you're probably right - small cities and towns have enough sophistication to automate, but not enough to protect it. It's the sour spot.

rcjordan

Not just US.

A division of Toshiba also said Friday its European business was the victim of a ransomware attack.

Irish health service hit by 'sophisticated' ransomware attack
https://www.cnbc.com/2021/05/14/irish-health-service-hit-by-sophisticated-ransomware-attack.html

ergophobe

I think I mentioned this - I asked our local head of utilities about our exposure and he said that since everything still required someone to physically move a dial or a valve, we were safe from hacking. Our big worry is getting someone to the location in a storm. But cybercrime, not so much. I suspect that is true of most small, old systems. That fancy remote stuff just costs too much and for once that may be a good thing.

I'm a little surprised that China is doing this. I would expect China to build backdoors that they can use when they would create the most disruption. Iran makes more sense. For them, any chance to get back at the US is probably welcome and they would want to exploit the vulnerability before it gets fixed.