The newly elected Mayor of Baltimore City, which has just been hit by its second round of ransomware, stated that the city has no intention of paying the ransom. The city’s systems, such as email and credit card payment systems, were affected. The attackers managed to affect every department within the city in some way, making them unable to do their jobs and complete everyday tasks. The Mayor’s decision not to pay the ransom could be overturned, depending on Baltimore’s ability to rebuild their databases from backups. The city was likely targeted because they had existing vulnerabilities that the attacker was looking for. Baltimore was infected with Robinhhood ransomware, which has been seen in the past targeting other industries and companies. The attackers are requesting that the city pay three bitcoin (roughly $7,600) to decrypt single systems, or if the city would like all of the systems back, they will need to pay 13 bitcoin (roughly $76,000). This is different than the first time they were infected with ransomware, when the attackers requested that the city pay a few hundred dollars per PC that they wanted decrypted.
Using Microsoft Sentinel to Detect Confluence CVE-2022-26134 Exploitation
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is