Baltimore ransomware attack due to Microsoft Win XP and Vista operating systems

    An official update released by Baltimore city officials’ states that the ransomware attack which took place on May 2019 on the city’s database was due to the fact that most of the systems were operating on obsolete operating systems such as Windows XP and Windows Vista which are “extinct” as per the Windows Security Update center.

    Since the hackers who launched the attack used NSA discovered EternalBlue flaw to exploit the vulnerabilities in the XP and Vista systems the damage is said to have gone beyond their expectations.

    As the recovery estimate is said to go beyond $19 million, last week Baltimore city officials agreed to transfer $6 million funds meant to develop parks and public facilities to be used to remediate the costs incurred from the cyber attack.

    However, the officials state that the allotted fund might prove insufficient as the need to replace hardware and software is going beyond the cost-wise estimation.

    Furthermore, Baltimore city has decided to purchase cyber insurance at a cost of $830,000 covering all IT infrastructures with $20 million cyber liability coverage.

    Note 1- When the malware encrypted the database, hackers were demanding a ransom of $76,000 to decrypt files and

    Note 2- Nowadays there is speculation going in the media that Insurance companies before taking a cyber insurance policy promise big to cover all digital assets if in case a cyber attack incident strikes a business firm. But when it comes to paying for the liabilities, they always push the victimized firm to bow down to the demands of hackers as paying a ransom is much cheaper when compared to the costs incurred for a cyberattack recovery.

    Ad
    Join over 500,000 cybersecurity professionals in our LinkedIn group "Information Security Community"!
    Naveen Goud
    Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

    No posts to display