The local government of New Mexico County has reportedly spent millions of dollars trying to restore control over their computer networks after years of dealing with cyber-attacks, specifically ransomware.
Security researchers who did the investigation stated that the series of attacks took place between January 2018 and around February 2020. The trigger, according to them, was an event where several employees from different agencies unknowingly and mistakenly opened unverified emails that contained encrypted scripts that effectively crawled and disabled most of their network’s systems.
As soon as the intrusion was established, all government offices, hospitals, school districts, and essential services instantly went offline. According to the Cyber Security division of the FBI (Federal Bureau of Investigation) in Albuquerque, Phishing was the initial wave of the attack, where the hackers sent out the email blast that contained the injected scripts and malware.
From that point on, almost everything that the hackers can get their hands on. Other schools, health care providers, local businesses, and even law enforcement offices fell victim to the attack. Several schools suffered heavily because of the attack – disabling their network servers, phones, and overall email services on all their branches were locked indefinitely. IT technicians all over the county have been scouring through thousands of devices throughout the affected machines and devices, trying to recover what they can—a genuinely challenging task and an even major inconvenience amidst a local disaster.
This is the second time that New Mexico County has experienced a cyber-attack.
The last was also from ransomware of unknown origins that infiltrated their servers because the local technology team was unable to check the network before reconnecting to the internet. An unfortunate and costly mistake that took out their employee payroll systems and student registration process. Although no student data was compromised, the overall restoration and recovery took about five (5) months and US$2 million in expenditures.
There were no efforts to communicate and extend payment to the attackers in exchange for the stolen or compromised data. Although there was one report that says one of the victims acted on their own accord – communicated with the hackers and paid money in exchange for New Mexico County’s stolen data.
The United States FBI (Federal Bureau of Investigation) is critical when it comes to investigating ransomware attacks because it is a cybercrime that involves money, international fraud, as well as abuse, and violation of cyber computer laws both local and international. Hopefully, one day, they will be able to counteract these attacks head-on. Until then, it’s up to us to protect ourselves.