Google Shut Out Baltimore Officials Using Gmail After Ransomware Attack

The Baltimore city government is recovering from a devastating ransomware attack that has locked up its systems, but officials in the city faced a new problem today. As first reported by The Baltimore Sun, Google blocked city departments from using Gmail accounts created as a workaround. The Verge reports: On May 7th, a ransomware attack froze government systems, including email, and demanded the city hand over bitcoin to reverse the hack. Weeks later, the city is still recovering from the attack, which has also shut down systems for paying water bills and some other services. While officials deal with the problem, which could still take months to fix, some have reportedly signed up for free Gmail accounts to keep operating.

Gmail distinguishes between individual users and users in businesses and other organizations, requiring the latter to pay for the service. According to the Sun, which cited the mayor's office, Google's systems deemed the city officials to be part of an organization, and shut down the temporary accounts. Emails to the city health department, city council aides, and the mayor's office bounced on Thursday, according to the report from the Sun. UPDATE: Google has since fixed the problem. "We have restored access to the Gmail accounts for the Baltimore city officials," the spokesperson said. "Our automated security systems disabled the accounts due to the bulk creation of multiple consumer Gmail accounts from the same network."

Re:

[Luthair]

Seems better than having public workers sitting on their thumb for day(s)

Re:

[Major_Disorder]

Seems better than having public workers sitting on their thumb for day(s)

How is this different from every other day?

Re:

[jargonburn]

Eh. Google is also formed by and employs part of the population.
One part of the populace charging another part of the populace for services rendered seems......like commerce, actually.

It almost seems that paying (at least short term) for commercial email would be a reasonable step and expense of the recovery process in dealing with an issue that was presumably is no way Google's fault.

Re:

[cascadingstylesheet]

It almost seems that paying (at least short term) for commercial email would be a reasonable step and expense of the recovery process in dealing with an issue that was presumably is no way Google's fault.

Yep, getting Google or MS email for their key workers for this time would be a perfectly reasonable step.

Windows again

[Tough Love]

Excuse me, but this is Windows again. Each official involved in choosing Windows to handle the people's business should be immediately fired, drawn and quartered, and subjected to damnatio memoriae. [wikipedia.org]

Re:

[Tough Love]

this is incompetence. doesn't matter what OS you are running you should have proper backups and DR in place as well as well managed security.

True as far as it goes, however this is also a case of Windows usage in the first degree, which should be punished severely, as every sensible person ought to understand after all the years that the Windows clown show has run amok upon the world. How many more times must we betray the public trust in order to finally learn this simple fact?

Re:

[arbiter1]

As other person said its not only windows problem, even LINUX servers can be compromised, I have a paid for dedi and have to reset it many times due to flaw's in software that let it get turned in to a zombie. It don't matter how secure you set anything up, someone will always find a way to take control of it.

Re:

[Tough Love]

Windows is an insecure-by-design virus magnet. If you disagree with that then you have an agenda.

Re:

[Anonymous Coward]

If you draw and quarter them first, then you do not need to fire them. The drawing and quartering will be sufficient.

Re:

[Major_Disorder]

If you draw and quarter them first, then you do not need to fire them. The drawing and quartering will be sufficient.

I think you underestimate exactly how badly these people screwed up. Death by drawing and quartering is too quick and merciful.

Re:

[malkavian]

Often what you find is:

* Legacy. When the systems were originally built, there was no Linux. Once you have momentum, it's incredibly expensive to rebuild infrastructure (which is why developing countries investing in infrastructure get more modern stuff that the 'richer' countries).
* Application ecosystem. When you're trying to run hundreds of applications (which often tie back into legacy), all of which run on Windows, and with no other OS supported, then it's a no brainer to choose Windows.
* Applicatio

Re: Windows again

[cyber-vandal]

Don't talk sense to basement dwellers that think that all you need to replace the Windows ecosystem is Libre Office.

Re: Windows again

[cyber-vandal]

That's not a straw man you pathetic neckbeard

Re:

[Tough Love]

You Microsoft diehards deserve our sympathy, after all it's not your fault you were born mentally damaged, it's your mother's fault for freebasing while pregnant.

Re: Windows again

[cyber-vandal]

Who said I'm a Microsoft die hard? I've probably been using Linux for longer than you.

Re:

[Tough Love]

Easy enough to tell a Microsoft diehard by the stench of decomposition.

Re: Windows again

[cyber-vandal]

That's just your body odour neckbeard

Re:

[Tough Love]

See? Microsoft diehard. Unmistakable.

Re:

[Tough Love]

all you need to replace the Windows ecosystem is Libre Office

Windows isn't an ecosystem, it's a cesspool.

Re: Windows again

[cyber-vandal]

And yet for all of Linux's awesomeness it's still nowhere on the desktop. This is because there are thousands of Windows only drivers and applications. I started using Linux in 1998 and this problem still exists now. Maybe if there had been fewer holy wars and more cooperation, Windows would be history by now. Microsoft ran out of feet to shoot themselves in but still own the corporate desktop.

Re:

[Tough Love]

Microsoft's control of the desktop gaming segment is starting to slip. I mean, how many times does your Dota game need to be restarted because of "lage" before you understand it's more stable under Linux? And free of nagware, spyware and maware, unlike cesspool Windows.

Re: Windows again

[cyber-vandal]

Oh yeah I'm sure the the primary concern of an organisation with 50,000 Windows desktops is lag on DotA.

Re:

[Tough Love]

Are you trying to say that we should not welcome the gamers to Linux with open arms?

Re: Windows again

[cyber-vandal]

No.

Re:

[Tough Love]

So, basically you are just ranting without reason then. Might as well shout at the clouds.

Re: Windows again

[cyber-vandal]

So you believe lag on DotA is a major concern of corporate IT? Maybe it's time you left your basement. Make sure you wash first.

Re:

[Tough Love]

Got it. You don't have a point.

Re: Windows again

[cyber-vandal]

You missed my point in your rush to be pathetic. Now off you fuck you smelly weirdo.

Re:

[Tough Love]

Impossible to miss something that isn't there.

Re: INTERNET SECURITY PROBLEM

[astrofurter]

Emperor Xi, is that you?

For Business Use?

[Phylter]

So, it really had nothing to do with them using it for business use... it was because they thought a herd of bots were mass creating email accounts. I love how things get misrepresented.

Re:For Business Use?

[Solandri]

The algorithm is in place to catch businesses or organizations trying to use Gmail as their email service without paying for it. Part of the reason Gmail is free is because businesses and organizations which use it have to pay for it. That's really what the Baltimore government should be doing - paying Google for a G Suite account. Even if it's just for temporary use while they get back on their feet, a real organizational account comes with a bunch of sub-account management tools which frankly I think would be indispensable for an organization the size of a city government (I have a couple 10-user G Suite accounts that are grandfathered in from over a decade ago back when they were free.) Plus they'd be "paying their fair share" in helping keep Gmail and the other G Suite apps free for individual users.

Re:

[Anonymous Coward]

a real organizational account comes with a bunch of sub-account management tools which frankly I think would be indispensable for an organization the size of a city government

On the other hand, one would think *backups* would be indispensable for any organization or individual of any size from one up.

They didn't seem to put any value on backups, so it isn't exactly surprising they don't put any value on services like gmail either.

Note the "they" I refer to is the IT leads for the city. Those are who should be paying for G-suite for use by those they serve after all.
I'm not putting any blame on the workers that likely created the accounts in lieu of their IT support doing it for

Re:

[DarkOx]

This I don't see in what way its good for Google or the public to let Baltimore be freeloaders. If nothing else if they actually paid for a gsuite account they probably quickly re-point their MX records and get mail at their real domain. Which would be enormously good for public trust.

Re:For Business Use?

[malkavian]

From the chain of events, I'm seeing that people did what people do.
There was an emergency situation (people not thinking quite straight, and seeing what they can do on the fly with nothing working, no procurement paths, nothing). Some bright spark said "Free Gmail! It doesn't take procurement paths to pull out of the bag, and it'll get us communicating and providing a service we need to be providing".
I say top marks to that person. They overcame a temporary immediate and severe problem.
This, of course, played fast and loose with Google's ToCs, which got automatically detected, and blocked. This is all part of business, and entirely rational.
Now the Baltimore group likely talked to Google via some path, explained the situation and why this had happened, and Google seem to have said "Ok. We don't have to do it, but in the interests of keeping things running for you in times of trouble, we'll let you use the service".
This is a positive mark for Google in their current turbulent times. It's how business works. Sometimes you have a handshake agreement that something can be allowed that lets someone get a great deal from you, or an exception to your usual processes when times are tough.

It may well be that when the procurement path is open, Google will present a bill, and say "this is due for the coverage of the period of time you used the service". Which will be fine too.

For now, both sides have an agreement that works for them, and both sides are happy to continue with whatever the terms of that agreement are. That's the world of business.

Re:

[swillden]

This I don't see in what way its good for Google or the public to let Baltimore be freeloaders.

In the long run, you're right. In the short run, Google gets to be magnanimous (publicly, no less) and Baltimore gets to work around their mess. It's a win/win.

In the medium term, perhaps Google also gets a new GSuite customer, after the city sees that (a) Google offers a nice set of tools and (b) is good to work with.

Shut Down a Government?

[PastBlast]

We'll just blame it on the algorithm.

Re:

[namgge]

"It's Baltimore, gentlemen. The gods will not save you."

Monorail

[CheezburgerBrown .]

Monorail *musicnotes*

Single network?

[Bert64]

This is going to become more and more of a problem as providers transition to cgn instead of ipv6, lots of users originating from the same source address.

Pandemic.

[grep -v '.*' *]

You've got to cut it off at the source to keep it from spreading. Those virii can easily jump from computer to human, and THEN where will we be? Haven't you seen The Walking Dead? (Oh wait, that was a movie about employee overwork and burnout.)

Pay It?

[kackle]

Can anyone enlighten me as to why they don't pay the ransom and then back everything up right away, with a lesson well learned? Ugly and uncomfortable, but effective, no?