New Mexico county ‘first’ local-government ransomware victim of 2022
Government buildings in Bernalillo County, New Mexico, were closed to the public Wednesday in response to what appears to be the first ransomware attack this year against a local government in the United States.
Officials in the county, which includes Albuquerque, said computer systems were taken offline in response to the incident, which has not been attributed to any known malicious actor. A ransom demand has not been identified either.
The county’s websites appear to be offline as well, though the sheriff’s office and fire and rescue services were using “backup contingencies” to continue their emergency response operations, the Associated Press reported. A county spokesperson did not answer a call seeking request for comment on the situation.
While details of the Bernalillo County attack are sparse, the incident kicks off yet another year of state and local governments dealing with ransomware. Brett Callow, an analyst at cybersecurity firm Emsisoft, said Bernalillo County was the first local government to disclose a ransomware attack in 2022, following a year in which 76 municipalities acknowledged being impacted by extortion malware.
That figure was actually a tick down from 2020, when Callow’s firm tallied 113 attacks against local governments, though ransomware actors may have closed strong in 2021: Officials in Crawford County, Arkansas, have spent the days since Christmas restoring operations after an attack that Allan Liska, a threat intelligence analyst at Recorded Future, said was part of a “minor surge” of ransomware attacks against local governments in the United States and internationally.