LAS CRUCES – From failed surveillance cameras at the county jail to students being confiscated from their homes, a recent salvo of cyberattacks in Albuquerque had many real consequences for the hundreds of people who had relied on the compromised computer systems.
The attacks, which briefly disabled two of New Mexico’s largest and wealthiest communities — Bernalillo County and Albuquerque Public Schools — reminded cybersecurity professionals and officials in Doña Ana County that malware and ransomware attacks are a constant threat.
In the Albuquerque cases, officials have confirmed that both attacks were the result of ransomware. Ransomware is technical jargon for software that blocks user access until a ransom is paid. Ransomware is a type of malware, which means any software designed to damage or disrupt a computer system.
According to Tao Wang, an assistant professor in the computer science department at New Mexico State University, hackers regularly target communities like counties and school districts because they expect archaic security from those systems.
“Many systems of government are outdated,” Wang said in a recent interview with Sun News. “They may have some vulnerabilities that are targeted by hackers.”
In addition, Wang said hackers target municipalities because they possess sensitive records and systems. The hackers are counting on municipalities paying money to regain access to these records, rather than pursuing other solutions.
Wang said the difference between temporarily shutting down operations and paying the ransom depends on what the community was doing before the attack began. Most importantly, backing up data and software ensures municipalities have systems to fall back on, Wang said.
“If you have previously backed up your data, you can restore your system from your backup,” Wang said. “If you don’t have a backup, you might have to pay the ransom.”
Another important tool to ward off cyberattacks is training employees to recognize and avoid malicious emails, Wang said. Hackers often use emails that seem important and contain a link.
Once the email recipient clicks the link, the ransomware download may begin or the email recipient may be redirected to a website with more malware download links.
In most cases, the hackers who use ransomware are motivated by profit, Wang said. While politically motivated attacks do occur, Wang said these attacks typically involve software that steals or destroys information.
Ransomware is nothing new in Doña Ana County.
Two years ago, Las Cruces Public Schools and the Gadsden Independent School District fell victim to ransomware. In those attacks, officials said Ryuk malware — which wipes backed-up data, locks access to files, and demands ransoms typically in the hundreds of thousands of dollars — was responsible.
Original coverage:Schools in Las Cruces are slowly digging themselves out of ransomware attacks
According to previous Sun News reports, LCPS did not have to pay a ransom and instead relied on other backup systems to bring the school district back online. Officials said they believe the Ryuk malware was introduced into the computer system through a suspicious email.
Unlike APS, LCPS and GISD did not have to send students home while they fixed their systems.
According to cybersecurity firm SonicWall, US communities have seen an increase in malware and ransomware attacks over the past decade. In 2021, a report by British cybersecurity firm Barracuda Networks estimated that 44% of all ransomware attacks globally targeted communities.
As ransomware attacks proliferate, so do defense costs.
The costs of educating employees about suspicious emails and purchasing equipment to back up important files can quickly add up, but the expense is well worth it, according to Bob Bunting, Doña Ana County IT director.
As Bunting read the news about Bernalillo County and APS, he said it served as a reminder that attacks could happen at any time.
“It makes you take a step back and look at how we’re doing and (ask) what we can do to improve and try to make sure we don’t fall victim to the same kind of things,” he said Bunting the Sun News.
Bunting, who has worked on the county’s computers for 15 years, recalled a major attack when he was with the county. About 10 years ago, the Doña Ana County website was taken over by a hacker who inserted a political message on the page. The hacktivist, a hacker with a political agenda, was not in control for long. Bunting said IT staff got their hands on the site shortly after.
Otherwise, the county has been spared the kind of attacks that have knocked out the county government in Albuquerque. However, should that happen in the Doña Ana district, Bunting said the district is prepared with accessible backups and regular staff training.
Justin Garcia is the public safety reporter for the Las Cruces Sun-News. He can be reached at [email protected] or on Twitter @Just516garc.
Read others:
Comments are closed.