BALTIMORE (WJZ) -- The Covid-19 infection metrics on the Maryland Department of Health website have not been updated in days with a warning that "MDH is experiencing a server outage. Data will be updated as soon as possible."
It is part of a cyberattack. Some pages have been redirected to the main state government web page while servers are offline.
One health care executive tweeted that people are having trouble getting key Medicaid information because of the hack.
This has the hallmarks of a ransomware scheme. Cybersecurity consultant Terry Bazemore Junior, the Chief Operating Officer of Ey3 Technologies, said the state made the right move shutting down parts of their website to stop the damage. "It's an excellent first step is to pull things down that may still be vulnerable—potential vulnerabilities that may lead to further attacks and deeper attacks to where they can stay on your network and do things further," Bazemore told WJZ Investigator Mike Hellgren. "Typically, attackers want to attack places that are going to have critical data and data where they know they need to make split-second decisions—whether it could be life or death—somewhere like a health department or a hospital."
The Maryland Department of Health says there is no evidence data has been compromised, and they have yet to confirm whether any hacker has hijacked their computers demanding money, which is what happened to Baltimore City two years ago. Criminals demanded $100,000 in bitcoin.
The city ended up spending $6 million to get back online and almost $1 million for insurance against future attacks. "The big question that companies or agencies are going to have to assess is to pay or not to pay," Bazemore said.
Government is a frequent target. Last year, Baltimore County schools had to shut down online learning after a cyber attack. "It is sobering to see how many school systems and local governments have been hit by this. And that's not even including local businesses and mom-and-pops and things like that that have been hit," he said.
The Department of Health told WJZ in a statement they are "working closely with federal and state law enforcement partners to address the incident and to gather additional information. Certain systems have been taken offline out of an abundance of caution and other precautions have and will be taken."
"The investigation is ongoing, potentially affected employees and partners have been informed, and we will provide additional information as circumstances warrant," the agency wrote.
Healthcare is often a target of hackers. A CBS News investigation found more than one thousand hospitals were attacked last year alone—with some hackers even shutting down equipment—and blamed for patient deaths.
In 2020, hackers hit Greater Baltimore Medical Center affecting some of their information technology systems.
for more features.