Ransomware Halts Closings in Baltimore

It’s the busiest home buying season of the year and a security breach has brought property deals to a grinding halt. A nightmare that could happen anywhere struck the city of Baltimore on May 7th, 2019 when the city’s government computer systems were locked down as a result of a “Robbinhood” ransomware attack. This type of attack encrypts data stored local to the computer and on network file storage, rendering it inaccessible without a key that the attacker holds. The attacker then demands payment in exchange for the key. For Baltimore, that payment demand came to the tune of 13 bitcoins (worth about $76,000) to decrypt all of the city’s encrypted files.

The successful ransomware attack forced the city to resort to manual operations for most day-to-day business, but without access to their lien system, home sales can’t be completed. The city’s lien system is a vital part of verifying that properties are free of liens, completing the recording of new deeds, and calculating water bills and outstanding taxes owed.

With havoc in the liens office, title insurance underwriters have had to prohibit title agents from issuing title policies on Baltimore properties and suspend closings in the city. Until the ransomware attack on the city’s resources is fully resolved, the city is unable to issue lien certificates or process payments. Baltimore’s city employees and technology partners continue to work to get these systems back under their control without losing valuable data. Baltimore hopes to soon reinstate their systems to support their residents and get back online more safely and securely than before.

Ransomware attacks, such as this one, are not confined to high-profile targets like major metropolitan cities. Cyber criminals are known to target businesses to hold data for ransom. Today’s cybercriminals are constantly working on new techniques and tools to infiltrate their targets. Some things you can do that may help protect your business from cyber threats are to:

  • Implement standard IT security measures and technology to detect and contain ransomware, as well as other threats such as malware and vulnerabilities
  • Keep computer systems and applications updated to prevent attackers from taking advantage of known security holes
  • Promote a security culture in your business and educate employees on social engineering tactics
  • Regularly change passwords, using strong passwords committed to memory

Any security breach creates the need to remind all parties in real estate transactions to be on the lookout for wire fraud. Old Republic Title recommends the three-step approach to Stop, Call and Verify.

  1. STOP!: If you receive an email or text with wiring instructions, do not reply. If you receive a phone call with wiring instructions, tell the caller you’re going to hang up to verify the information.
  2. CALL: To make sure you have received a legitimate request, call a trusted phone number you have used before to contact the buyer, seller, agent, lender or escrow officer, or use a number written in the contract. Do NOT use a number listed in the email sent to you or call the number that texted you. There could be a fraudster on the other end of the call, ready to trick you into diverting funds to their account.
  3. VERIFY: After calling a trusted number, talk to the person that the email, text or call was said to have come from. Verify that there has been a change to wiring instructions.

With a clear plan to keep your business safe, you can work to prevent experiencing the same data security nightmare and stop cybercriminals.