Advertisement

Blame city's failure to update software, not NSA

The Baltimore City government computer network is infected with ransomware.

As a retired information technology professional, I have been puzzled by the calls from elected officials for federal relief for the city's computing systems being held by ransomware. Recently, The Sun added its voice to those calls (“Feds owe Baltimore more than an explanation if NSA weapons were trained on the city’s computers,” May 28).

Really?

Advertisement

Microsoft provided the fix for the flaw in its operating system that EternalBlue exploits over two years ago. Best practices in the IT industry are to take critical patches from software vendors and have them on test systems (to make sure they do not have any unintended consequences) the week after they are released and have them on production systems within 30-60 days. That Baltimore's IT department hasn't deployed those patches two years later is an unconscionable dereliction of duty. I shudder to think what the state of the rest of the city's systems are in if it can't keep up with Microsoft patches.

Rather than call for federal dollars to help the city fix the problem, I would respectfully suggest that Mayor Bernard C. “Jack” Young call for the IT director’s resignation. The next challenge the city is going to face is that support for Windows-7 ends on January 18, 2020, and anyone who can't get patches applied in two years has no business trying to upgrade to a new operating system in the next eight months.

The city needs to man up rather than do what it usually does and play the victim. In this case, it needs only look in the mirror to see where the problem is.

George Mattingly, Baltimore

Advertisement
Advertisement