A suspected ransomware attack in New Mexico has incapacitated services for an entire county, including the local jail — which frighteningly lost access to its camera feeds, facility databases, and automated doors.
Bernalillo County, which is the most populous in the state and includes its largest city, Albuquerque, was thrown into chaos last week when the cyberattack hobbled services across the government. The attack, which took place on Jan. 5, forced the closure of county offices, threatened databases, and caused major problems for the processing of everything from local property deals to marriage licenses, all of which rely on the county’s network.
“Most county building are closed to the public,” officials announced in a statement shortly after the attack. “However, county employees are remote working and will assist the public as much as possible, given the circumstances. Vendors for county systems have been notified and are working to solve the issue and restore the system functions.”
Most dramatically, the county’s Metropolitan Detention Centre lost access to some of its key security features — including its camera feeds and its automated jail doors. For obvious safety reasons, this forced the county to lock down the entire jail, forcing all of the prisoners into their cells for the foreseeable future.
The Verge reports that the lockdown also spurred a minor legal kerfuffle, as it put the county in potential violation of the terms of a 1995 lawsuit settlement concerning confinement conditions at the jail. That settlement mandated that prisoners be given certain privileges — such as guaranteed time outside of cells and access to communication devices, such as phones. Some of those privileges can’t be accommodated during the current circumstances and, as a result, the county was forced to file an emergency notice in federal court last week, asking the court to consider its outstanding “emergency” circumstances.
To top things off, the attack also incapacitated — and may have corrupted — important jail databases, including its incident tracking database, which catalogues all of the violent incidents that occur at the facility, including claims of sexual assaults and fights.
It’s unclear when this entire mess is going to be cleaned up but one thing is for sure: It’s yet another surefire sign that ransomware gangs really, really suck — and that we need better federal protections against them, one way or another.