Ransomware, Content

Baltimore Ransomware Attack Update: City CIO Exits


Frank Johnson no longer serves as the City of Baltimore's chief information officer, according to StateScoop. The news comes after cybercriminals launched a ransomware attack against the city earlier this year.

Johnson was placed on unpaid leave last month. Todd Carter, Baltimore's VP of IT, has been serving as acting CIO since Johnson was placed on leave and will continue in this role going forward.

Related: List of City and Government Ransomware Attacks

During a June 7 budget hearing, Johnson apologized to Baltimore City Council members for doing a poor job of sharing information with city leaders and residents about the ransomware attack, the Baltimore Sun reported. At this time, Johnson also said he planned to "improve communications" to prevent similar security incidents.

Johnson joined Baltimore's Mayor's Office of Information Technology in July 2017. Prior to serving as Baltimore's CIO, Johnson held various sales and marketing leadership roles at Intel.

A Closer Look at the Baltimore Ransomware Attack

Cybercriminals use RobbinHood (aka RobinHood) ransomware to attack Baltimore servers and government applications. Hackers demanded $76,000 to decrypt the affected files, but city officials refused to pay the ransom.

The Baltimore ransomware attack left city employees without access to their emails and hampered the city's real estate sales and water billing for months, according to the Baltimore Sun. Furthermore, Baltimore's budget office has estimated that the ransomware attack will cost the city at least $18.2 million in direct costs and lost or delayed revenue.

Baltimore officials are better equipped to recover from the ransomware attack now that Johnson has been "separated from the city," Baltimore City Councilman Eric Costello told StateScoop. They are proactively exploring ways to minimize the risk of future cyber attacks against the city.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.