On Sept 11th 2022, officials in Suffolk County, NY noted that they were investigating a ransomware attack. The attack allegedly happened on county computers and temporary measures have been put in place to minimize disruptions to normal business activity while systems are restored. Spokeswoman Marykate Guilfoyle from the Suffolk County Executive Office of Steve Bellone told Newsday that investigations were still underway on the ransomware attack.
Newsday reports that several agencies within Suffolk County were utilizing manual record keeping and paper record keeping systems, including paper forms, and fax machines in order to keep the county running while their computer systems were down.
“We’re kind of doing it a little ‘old school’ right now, probably the way the county was run in the 90s. The police are filing out paper forms right now, so a lot of operations are just more manual and not web-based right now,” Guilfoyle said.
On Facebook, Legislator Stephanie Bontempi reported that “We are currently working on establishing an alternative means of communication since our phone and email systems are inoperable. Of course you can still contact me via Facebook or stop by my office in person during normal business hours.”
Guifoyle told Newsday that currently it was “tough to tell” when the county would be back online properly due to the ransomware attack due to “a lot of data and a lot to comb through” citing that Suffolk County is the largest county in New York State.
Currently Adam Schwam, cybersecurity expert, believes that the attack came through email. “Most likely they opened up something that they shouldn’t – one of their computers got infected and now they’re just very concerned across the board where it is,” Schwam told News 12.
Systems were shut down on Friday due to suspicious activity related to what officials determined was a possible cybersecurity intrusion. Suffolk County’s main website www.suffolkcountyny.gov and it’s surrounding links to other agencies (parks department, district attorney, comptroller, and more) are still offline.
The county says it will be unable to send $15-$20 million dollars in scheduled checks and payments to utilities, firms, vendors, and other county officials while the systems are offline. Critical systems such as 911 and emergency response remains operational at this time.
“This is an issue – we see it happening all over the country – we see municipalities under attack and the problem is you have these criminal organizations that are relentless,” Suffolk Executive Steve Bellone told News 12.
Program director of computer science at Adelphi University and also the university’s chief information security officer Kees Leune told Newsday “Cyber attacks on local governments and private companies have become more common. The attacker’s main goal is to actually capture and hold hostage the computer and the data stored on it. If you pay the ransom, then there is no problem,” Leune said.
“If you don’t pay the ransom, you’re back to pen and paper. This is happening all over the world on an alarming scale.”
“The best practice if you believe you’ve been hit by a ransomware attack is to start shutting down as many systems as possible to prevent [the attack] from spreading.”
This is not the first time that Long Island or New York has seen a ransomware attack. In the last few years several municipalities and school districts have become victims of cyberattacks.
Suffolk County reports that they are working in conjunction with the state Division of Homeland Security and Emergency Cyber Incident Response Team on this matter.
Don’t fall victim to a data breach or cybersecurity risk. We at Motiva Networks can help you make a plan and see if your data has been compromised with a Free Confidential Cybersecurity Risk Assessment. Risk Assessment | Motiva Networks