Skip to main content

  1. Home
  2. Blog
  3. Half year review of...
  • Massive cyberattack shut down government services in Bernalillo County in the US

  • The county’s detention center announced complete lockdown

  • A new policy was created to prevent similar incidents in the future

The massive cyberattack in Bernalillo County lead to a complete lockdown in the detention center and shut down of governmental services.

The Bernalillo County, the largest and most populous county in New Mexico, US, fell victim to an extensive cyberattack in January this year. The incident disrupted government systems and halted operations at county offices, reporting StateScoop.


County officials referred to the incident as a ransomware attack. Internal systems shut down, the county websites crashed, and public buildings temporary closed which resulted in several public services becoming unavailable, such as applying for permits and paying property taxes. The incident also caused problems with payrolls in the region and many employees did not receive their full salary.


In total, more than 675.000 residents in the county were affected by the happening, many of them living in the largest city, Albuquerque, reporting KOB4.



Disruptions and prison lockdown

The most affected public building was the Metropolitan Detention Center. The attack knocked out the prison’s security cameras, internet services and automatic doors, which made it impossible for the correction officers to control the inmates and access their records. On top of that, the database containing reports of violence, use of force, and allegations of sexual assault became inaccessible and is believed to have been corrupted by the incident, reporting State Scoop.


Due to the happening, the correction center announced complete lockdown and cancelled all planned visitations. Among 1.200 inmates became confined to their cells 24 hours a day. The conditions forced the county to file an emergency notice in federal court, since the prison potentially had violated the terms of a settlement in a lawsuit over conditions of confinement, according to The Verge.
Furthermore, other important county buildings were forced to close down and halt their activities due to the happening, such as the Bernalillo County Clerk’s Office, which registers voters, grants marriage licenses or approves the transfer of deeds. In addition, the county’s new “one-stop shop” for public services, Alvarado Square in downtown Albuquerque, got highly affected and had to halt their services such as applications for permits and property taxes payments, reporting Techtarget.



New cybersecurity policy

The background of the attack remains unknown, including the name of the criminals behind it, the ransom possibly demanded, together with other technical details such as how the attackers gained access to the county’s systems. However, months after the attack Bernalillo County officials said that the county was able to recover from the happening without paying a ransom, according to StateScoop.


After the incident, Bernalillo County commission decided to implement a new cybersecurity policy involving implementation of multi-factor authentication for most employee accounts within the county. Using one password alone will no longer be enough for accessing the networks, a user now needs another code to login, received via a separate device or application, such as a mobile phone or an authentication app. The new policy involves monitorization of the county networks via a security operations center. All computers connected to the county’s networks will have sensors that will alert the center in case of suspicious activity.


Furthermore, the new policy establishes new requirements for virus-scanning software, endpoint detection and response capacities on all devices connected to the systems of the county, reporting Albuquerque Journal.