Ransomware

The local government is working with state and federal agencies as it recovers from the data breach discovered in April. Officials have mailed notification letters to residents and will work to become more cyber resilient.

The cybersecurity incident detected Wednesday prompted officials to shutter most county systems. The attack hit the local government’s network. Fire and emergency 911 resources were able to continue to operate.

A cyber attack that struck the county April 28 impacted several systems around real estate, deeds, tax processing and land transactions. Several of these remain offline more than a month afterward.

Officials, who recently increased their cyber insurance coverage, have refused to pay a ransom. They are working to fully replace all network infrastructure, including desktops, laptops, servers and storage.

The March incident, which compromised information belonging to at least 10 people, was a ransom attack, the county said in a statement. The local government declined attackers’ demand and took systems offline.

Courtrooms have stayed open and judicial proceedings have gone forward following the attack detected early Monday. But systems across the sheriff’s and circuit clerk’s offices and at the courthouse were forced offline.

The ransomware incident has forced county officials to take offline systems belonging to the sheriff’s office, the circuit clerk’s office and the courthouse. The incident came to light around 2:30 a.m. Monday.

A ransomware attack in February compromised private information of employees and students at Baltimore City Public Schools, and the city’s state’s attorney’s office was targeted in March.

After a nearly five-month investigation, officials determined that compromised sensitive information included names, addresses, Social Security numbers, financial account information, passport numbers and more.

Ransomware attacks hit another record in 2024, and attacks in 2025 are not slowing down. So what’s new and what can we learn about ransomware as we move forward?  

The court’s online civil and criminal dockets repeated failed Monday and authorities had announced the previous evening it would be closed that day. The closure extended into Tuesday as officials probed its cause.

Bad actors known collectively by that name are staging attacks on targets in more than 70 countries, the Cybersecurity and Infrastructure Security Agency, and the FBI said. The latter advises regular system backups.

Officials were able to take down a server, make repairs and restore service after an attempt to extort money through an attack on the police department’s system. For now, the department is filing paper police reports.

A hack in September continues to present issues around data loss and retrieval, and installation of a different bookkeeping system has been delayed. Officials were unable to determine who was behind the incident.

Artificial intelligence tools can scour the web for information, and school districts post a lot of it online. Experts say the combination can quickly arm bad actors with specifics for more deceptive phishing attacks.

The router maker TP-Link Systems, now based in Irvine, Calif., is no longer affiliated with TP-Link Technologies, the company founded in China in 1996. TP-Link has been subpoenaed by the U.S. Commerce Department.

Forty-eight states took part in a review, but only 22 reached or surpassed recommended minimum system security levels. Results for local governments showed they, too, have room for improvement.

Generative AI, cyber threats, TikTok and phone bans are some of the major issues that impacted ed tech in 2024. In the new year, school boards need to determine how to move forward.