State cybersecurity experts waiting to aid Baltimore City Council committee formed to study crippling hack

State cybersecurity experts waiting to aid Baltimore City Council committee formed to study crippling hack
A month ago, City Council President Brandon Scott established a cybersecurity committee to explore Baltimore's response to the ransomware attack that has crippled several city functions since May 7. The panel has not yet met despite offers of help from experts. (Amy Davis / Baltimore Sun)

It’s been a month since Baltimore City Council President Brandon Scott established a special committee focused on cybersecurity and emergency preparedness as City Hall recovers from a ransomware attack that still cripples several city payment functions.

One of the committee’s co-chairmen, Councilman Isaac “Yitzy” Schleifer, said the panel’s efforts will not begin until after the current cyber attack — which began May 7 — is resolved.


“We are waiting until the situation is under control before proceeding with the committee,” Schleifer said in a text message.

But seven experts from the Maryland Cybersecurity Council and the University of Maryland University College notified Scott’s office up to three weeks ago that they are ready to provide free, volunteer assistance to the committee right away.

Several of them have not been contacted by the city yet.

“I haven’t heard a word,” said Kevin Kornegay, chair of Morgan State University’s Electrical and Computer Engineering Department and a state cybersecurity council member.

Michael Greenberger, another state council member who volunteered, praised the City Council for being proactive but said they should move forward now.

“I don’t think they should wait,” said Greenberger, director of the Center for Health and Homeland Security at University of Maryland’s law school. “They should be doing it ASAP, no matter how busy they are.”

Scott said he wants the council committee to begin its work after the ransomware attack is resolved because the city’s information technology officials need to be focused only on that task.

“We should not pull the IT professionals off their most urgent responsibilities,” Scott said. “The most important thing for them right now is to get the city up and running.”

Once that happens, Scott said, he will release a schedule of hearings at which the council committee will be taking testimony from experts, including those recommended by the state cybersecurity council.

“In response to the ransomware attack, cybersecurity experts should direct their offers of help towards” the mayor’s office and the city’s information technology department, Scott said in a statement on Monday. “Offers of interest by experts interested in the Cybersecurity committee are being logged and will be responded to at an appropriate time.”

Greenberger and Kornegay were two of five members of the state panel whose names Attorney General Brian Frosh sent to Scott’s office in a May 23 letter obtained by The Baltimore Sun.

“At its May 22, 2019 meeting, the Maryland Cybersecurity Council unanimously endorsed a resolution encouraging its members to offer their assistance on a pro bono basis to the security and emergency preparedness committee that you recently convened,” wrote Frosh, who is chairman of the cybersecurity council.

Frosh wrote that all five who volunteered are “senior cybersecurity and computer science faculty from professional schools and other institutions of higher education in and around Baltimore.”

The other three volunteers are:


»» Anton Dahbura, executive director of the Johns Hopkins University Information Security Institute.

»» Anupam Joshi, director of the Center for Cybersecurity at the University of Maryland Baltimore County.

»»Markus Rauschecker, cybersecurity program director at the Center for Health and Homeland Security.

In addition, University of Maryland University College President Javier Miyares offered the free services of two faculty members who have served in senior roles with the U.S. defense and transportation departments.

“Thank you for your leadership during the present emergency,” Miyares wrote to Scott on May 30. “All of us have followed with dismay the consequences of the ransomware attack on our state’s largest city.”

The new council president said last month that the city faces a crisis of the “utmost urgency” and said the committee will invite testimony from experts to help review the response to the attack by Mayor Bernard C. “Jack” Young’s administration. It also would examine the city’s cybersecurity policies and emergency plans.

Those plans have been questioned as the city enters its sixth week since the May 7 attack.

At the same Maryland Cybersecurity Council meeting on May 22 when volunteers came forward for the city, a senior official with the Maryland Department of Information Technology told the board that his agency’s offer of assistance was rebuffed by the city for a week after the attack.

Scott and Councilman Eric Costello, the other co-chairman of the city’s cybersecurity committee, criticized the city’s IT agency for not already having a relationship with their state counterparts.