Lessons from the Baltimore cyberattack for NZ

New Zealand Security Magazine, June-July 2019

Baltimore cyber attack
Ransomware blocked government email accounts and disabled online payments to city departments.

According to FintechNZ’s General Manager James Brown, New Zealand can take lessons from the U.S. city of Baltimore, which was offline for over a week in May following a ransomware cyberattack.

Hackers breached the Maryland city’s servers on 7 May, demanding $92,000 worth of Bitcoin. Agents with the FBI’s cyber squad worked with city employees try to determine the source and extent of the cyberattack.

The ransomware blocked government email accounts and disabled online payments to city departments, leaving rate payers and property buyers high and dry. 

It’s the second cyberattack to strike the city in as many years. The previous attack knocked out the city’s emergency dispatch system for 17 hours. 

The hackers used a ransomware called RobinHood — a powerful and malicious program that makes it impossible to access server data without a digital key. Replicating that key without the hackers is impossible, Rubin, Avi Rubin, a Johns Hopkins computer science professor and cybersecurity expert, told NPR.

“I don’t even think that the NSA would be able to break this algorithm,” he said. “It’s believed by the cryptographic community, both the theoreticians as well as the practitioners, to be unbreakable by today’s technologies.”

What does New Zealand need to do to prevent one of its major cities being offline for over a week, asked FintechNZ’s Brown.

“What would the economic impact be if Auckland, Wellington or Christchurch went offline? It would probably run into billions of dollars.

Enjoying this article? Consider a subscription to the print edition of New Zealand Security Magazine.

“Baltimore’s government rushed to take down most computer servers on May 7 after its network was hit by ransomware. Functions like 911 weren’t affected but after eight days, online payments, billing systems and email were still down,” he said.

“No property transactions were conducted in the week following the attack, exasperating home sellers and real estate professionals in the city of more than 600,000. Most major title insurance companies prohibited their agents from issuing policies for properties in Baltimore.”

Brown said small steps can be taken to minimise the impact of a cyberattack in New Zealand.

“Some basic actions should be put in place straight away. Companies should install, use and regularly update antivirus and antispyware software on every computer used in their business and keep it updated.

“They should use a firewall for their internet connection and make backup copies of important business data and information – and back up often.

“Businesses must control physical access to their computers and network components and secure their wi-fi networks. Companies should make sure their employees only have access to the data they work with and they should all regularly change passwords.

“According to the Kaspersky Lab, the average annual cost of cyberattacks to small and medium-sized businesses was more than $US200,000 in 2014.

“Most small businesses don’t have that kind of money lying around and, as a result, nearly 60 percent of the small businesses victimised by a cyberattack in the US close permanently within six months of the attack.”

According to Brown, many of these businesses put off making necessary improvements to their cyber security protocols until it was too late because they feared the costs would be prohibitive.