- The City of Baltimore's 911 dispatch system was hacked on Sunday morning, effecting messaging functions within the computer-aided dispatch (CAD) system, according to The Baltimore Sun and others. The CAD system also supports the city's 311 system.
- Frank Johnson, the city's CIO, told the Sun that when the breach was detected, the city was able to take the affected server offline and switch to "manual mode." The system was restored Monday morning after 17 hours.
- Officials said this incident is still under "active investigation." Information about the hackers, their motive or any other potential attacks on the city is unclear.
It's been a rocky week for city cybersercurity, as Atlanta grapples with a ransomware attack that has caused days-long outages on its customer-facing applications. Atlanta's attack raised questions and concerns about the vulnerabilities of cities' operational and emergency systems, and before cities even had time to process the risks, Baltimore fell victim.
Atlanta and Baltimore faced a number of differences in their recent attacks, including the targeted systems. While Atlanta's attack affected residents' ability to pay parking tickets or report potholes, Baltimore's attack affected its emergency dispatch system — which some experts say is the most vulnerable city system due to its critical importance, and host of names, addresses and medical records. By switching to "manual mode," city dispatchers were forced to take such information from callers verbally, which risks inaccuracy.
Leaders in Atlanta and Baltimore also responded differently in terms of transparency. While Atlanta's government, including Mayor Keisha Bottoms and CIO Richard Cox, notified the public of the ransomware attack almost immediately through tweets and press conferences, Baltimore Mayor Catherine Pugh and her colleagues were tight-lipped, and did not confirm the attack to the Sun until days after the incident. Additionally, none of the city's Twitter accounts, including that of Mayor Pugh, Baltimore City 311 or Baltimore Police, tweeted about the incident.
It is unclear why Baltimore leaders lacked transparency during the attack. Now, even though it has been resolved, James Bentley, a spokesman for Pugh, told the Sun that revealing any more information about the attack "could compromise the investigation."