Systems at a number of Baltimore city government departments were taken offline on May 7 by a ransomware attack. Police, fire, and emergency response systems were not affected but nearly every other department of city government was negatively impacted in some manner.
A very aggressive new variant of the “RobbinHood” ransomware was determined to be the culprit by the FBI. The malware appears to target only files on a single system and does not spread through the network. It is meant to be deployed on each machine individually.
To infiltrate, the attacker needs to previously have gained administrative-level access to a system on the network. Additionally, a public RSA key must be present on the targeted computer.