Albuquerque Pwned By Ransomware Attack

The Albuquerque Bernalillo County government offices have been impacted by a ransomware attack. The county government buildings and public offices were closed on Wednesday across the cities of Albuquerque, Los Ranchos and Tijeras after a disruption occurred sometime between midnight and 5:30 AM on January 5, county officials said in a press release:

Bernalillo County is continuing its assessment of suspected ransomware discovered on Bernalillo County systems. The county has taken affected systems offline and has severed network connections. The disruption likely occurred between Midnight and 5:30 a.m. on Jan. 5.

Most county buildings are closed to the public; however, county employees are remote working and will assist the public as much as possible, given the circumstances. The Sheriff’s Office customer service window at Alvarado Square is also closed.

Sam Jones, VP of Product Management of Stellar Cyber:

“Ransomware is getting easier and easier to orchestrate as an attacker. Operational downtime to critical public services will be the gravest by-product of these attacks, especially as they become more rampant. State and local governments are unfortunately perfect targets for attackers.”

The way I read that, it means that governments of all stripes need to make sure that they circle the wagons, so to speak, given that they are prime targets for getting pwned.

Saryu Nayyar, CEO and Founder of Gurucul:

“Despite widespread deployment of traditional SIEM, endpoint solutions and now Endpoint-based XDR, what has been lacking within most organizations that are victims of successful ransomware attacks is true behavioral-based modeling and detection within the infrastructure. The ability to characterize proper behaviors and user and application access with the right modeling and machine learning can lead to high-fidelity detection of deviations in “normal” behaviors and unusual access to systems that are often tell-tale signs of ransomware infections. The ability to bubble these types of alerts as high-priority when appropriate empowers security teams to investigate and detect ransomware much earlier to then respond and thwart a successful attack.”
