New York Mayor Bill de Blasio and other city officials said Tuesday that a cybersecurity incident at the city’s legal bureau did not contain a ransom demand, but that an investigation is ongoing.
The New York City Law Department, the 1,000-lawyer agency that represents local officials and agencies in court, reported Monday having “connectivity” problems, including loss of access to its email services, after it had to shut down its internal networks on Sunday.
“The Law Department has been experiencing a connectivity issue since yesterday, and, as a result, no one is currently able to log on to the Law Department’s computer system,” a city attorney wrote to a federal judge, according to the New York Daily News, which first reported the incident.
While the incident comes amid heightened attention toward ransomware — with the Justice Department last week making it a top priority — and just a few weeks after Washington, D.C., saw its police department suffer a leak of 250 gigabytes of sensitive files, de Blasio and others said ransomware is not at play here.
“To this hour we have not seen information compromised or a ransom demand,” de Blasio said at a City Hall press briefing, though he acknowledged the situation is “evolving.” “We’re in a state of high alert. We built up our Cyber Command years ago in anticipation of this environment.”
De Blasio made similar comments in a TV interview Monday night.
Geoff Brown, the city’s chief information security officer and head of New York City Cyber Command, reiterated de Blasio’s statement.
“To reiterate, contrary to some of the reporting, this is not a ransom situation,” he said, adding that the “Law Department IT environment will be securely re-established promptly.”
The FBI is investigating the incident, alongside New York Police Department detectives, NYPD Deputy Commissioner John Miller said at the press conference. He said investigators have already identified the malware responsible and are moving onto the forensic stage.
“What we’re seeing in this case is the good news, the system worked,” Miller said “We’ve identified the malware, we’ve seen it before, and traced it to the actor.”