If you pay a ransomware ransom, you can't be assured that they're no longer present on the network. There's the possibility that they ransom the firm again or cause further damage. The firm would have to run a full set of incident response regardless of paying the ransom or not.

I'm not saying that Baltimore is handling the situation correctly but there would be costs well above the x hundred thousand dollars the ransomers would be asking for either way.