Baltimore emergency 911 dispatch hacked, taken offline for 17 hours

The cyberattack slowed emergency response times as dispatchers had to resort to manual methods.

Why your top cybersecurity goal in 2018 should be human-focused
Building a slide deck, pitch, or presentation? Here are the big takeaways:
  • Without Baltimore's 911 CAD system running, dispatchers were forced to take calls manually, slowing the emergency response time.
  • A similar attack took place in Atlanta over the weekend, shutting down all of their government computers except those handling 911 calls.

Government officials in Baltimore recently confirmed that their emergency dispatch system was infiltrated by unknown hackers around 8 am on Sunday, forcing the city to shut the entire system down and handle emergency calls manually for nearly 17 hours.

The office of Baltimore Mayor Catherine Pugh confirmed the hack yesterday and the city's CIO, Frank Johnson, told the Baltimore Sun that instead of emergency calls being "being relayed to dispatchers electronically, they were relayed by call center support staff manually."

Hackers breached the city's CAD system, which manages 911 and 311 calls, and city officials quickly took the affected server offline, Johnson told the Baltimore Sun. City officials didn't comment in detail on the situation, although they confirmed that the police department and the FBI became involved almost immediately. The system was eventually restored at 2 am on Monday.

SEE: Cybersecurity in 2018: A roundup of predictions (Tech Pro Research)

The story of what happened in Baltimore gained prominence this week as Atlanta also struggled with a similar but even more widespread hacking event, as reported by our sister site ZDNet.

Since Thursday, all of Atlanta's government computers were shut down during a ransomware attack by notorious hacking group SamSam. Just last year, the group hacked into the Dallas emergency system and set off tornado sirens, according to the New York Times.

In Atlanta this weekend, the group demanded a $51,000 payment in Bitcoin in exchange for releasing all of the government's files and threatened to destroy them if they weren't paid. Details on the resolution are murky due to the ongoing government investigation, but Atlanta city officials were able to use their computers again on Tuesday, the Times reported. At a press conference, Atlanta Mayor Keisha Lance Bottoms called the multi-day hack a "hostage situation."

Law enforcement officials across the country have been raising the alarm about possible cyberattacks to government entities, highlighting the fact that hackers have been upping the ante against hospitals and emergency services, believing them to be the parts of government that can least afford to be down for long periods of time.

CIOs in a number of states said in a 2016 ICMA survey that local governments needed to prioritize cybersecurity like any other service, due to the rapidly rising number of attacks.

"The survey...found that about one-quarter of local governments reported that they were experiencing attacks of one kind or another, successful or not, at least as often as once an hour," the New York Times wrote. But they added that only about a third of local governments had a detailed plan to handle hacking situations.

"A smart local government will have fire, police and cybersecurity at the same level," David Jordan, CISO for Arlington County, VA, told the New York Times.

Also see

Image: iStockphoto/gorodenkoff