Suffolk County Suffers Cyber Attack

Sep 23, 2022 | Industry News

By Mary Grlic

Suffolk County on Long Island, New York, is dealing with an ongoing “cyber intrusion” (as officials have termed it) after a hacker infiltrated the network. On September 8, 2022, the county legislature had to shut down its devices in response to a ransomware attack. When users tried to access the county’s official website, they saw a blue screen instead of the typical homepage. The Suffolk County police website returned a bad gateway error, and those who tried to access it received a message saying that the site connection was not secure. About two weeks after the initial signs of the intrusion, the county is still dealing with the ramifications of this large-scale ransomware attack.

What happened?

Suffolk County Executive Steve Bellone initially stated that the event did not point to a ransomware attack. He instead referred to the event as a “cyber intrusion.” However, upon further investigation and a more recent release, it is clear that the county is suffering from a ransomware attack. 

The attack affected all departments of the county and entirely shut down certain online functions. For example, residents could not pay their traffic tickets and online real estate was inaccessible. Even more than 10 days after the attack, county emails and websites still remained down, according to the Suffolk Times.

What is ransomware?

Ransomware is any malware (malicious software) that hackers use to lock data on your device and make it unusable. Ransomware attackers will usually hold the victim’s information until the victim agrees to pay a ransom fee to get it back. While the data is held for ransom, hackers may compromise it, steal it, or threaten to release it. Oftentimes, ransomware attacks result in a data breach: hackers will release or publish sensitive data if victims do not pay the ransom fee. Depending on the scenario, ransomware attacks can impact individuals, companies, or even entire communities, as in Suffolk County.

Ransomware in Suffolk

Officials were initially unsure of what happened to the county website. However, three days after the initial Suffolk County press conference, the ransomware team ALPHV or “Black Cat” (allegedly) claimed to be responsible for the attack. They issued the following post on their dark web site:

“The Suffolk County Government was attacked. Along with the government network, the networks of several contractors were encrypted as well.

Due to the fact that Suffolk County Government and the aforementioned companies are not communicating with us, we are publishing sample documents extracted from the government and contractor network.

The total volume of extracted files exceeds 4TB.

Extracted files include Suffolk County Court records, sheriff’s office records, contracts with the State of New York and other personal data of Suffolk County citizens. We also have huge databases of Suffolk County citizens extracted from the clerk.county.suf. domain in the county administration.”

The post also included images of files that “appear to be exfiltrated from county systems,” according to Databreaches.net. County officials did not disclose if there was a monetary request to retrieve the site and lost information. As the investigation into the intrusion is ongoing, officials did not release too much information about the case. Police commissioner Rodney Harrison stated that, “As we get closer to identifying things, we will share with the media and public.”

Due to the intrusion, the police department and government officials are now shifting to old ways of operating, as they no longer have access to previously online means. Officials must record information they receive in phone calls by hand rather than via the computer, for example. The NYPD gave the county five additional emergency call operators per shift to reduce the stress on current resources. Additionally, Harrison said that the New York State Department of Homeland Security and Emergency Services provided the department with “highly sophisticated technology that will provide additional firewall protection, enabling us to bring our [computer-aided dispatch] system back online safely and securely while the county’s overall system continues to be addressed.”

The Aftermath

Unfortunately, when a cyber attack occurs, it does not simply go away. Suffolk County and its residents are still at risk even if/when it seems like the website is safe. Officials chose to postpone many county operations simply because the county’s infrastructure cannot properly function with this looming cyber attack. For example, the Suffolk County Civil Service exams scheduled for October 1 are now being delayed because of the cyber intrusion. It is unclear how long it will take for the Suffolk County government to recover from the cyber attack, and its impacts may go far beyond what they can expect.

As of September 23, the Suffolk County Government website includes a release titled “Important Information About the September 2022 Attack.” Security experts say that attackers may have accessed resident data. The online statement says that, “the County will notify any affected individuals as required by law, and all of those affected individuals will be offered free identity theft protection services.” 

In the meantime, the county advises that residents and employees take the proper precautions to protect themselves and their data. They state that individuals who may have been impacted by the cyber attack should:

  • Review Your Accounts and Credit Reports
  • Place a Fraud Alert on your Credit Files
  • Place a Security Freeze on your Credit Reports
  • Remain Vigilant

Protecting you and your data

In addition to the county’s recommendations, we at Computero would like to share some ways that you can protect your data to (a.) prevent a malware or cyber attack and (b.) safeguard your information in the event of an attack. Clearly, hacking can happen at the most unexpected times, and even with the best cyber protection, anything is possible. Whether you have a small business or are an individual with a computer, you must always take proper measures to keep your information secure. Here are some ways to do so:

  • Use multi-factor or two-step verification. This makes it much harder for anyone else to access your financial account, email, or other types of online services, even if your password is stolen.
  • Install antivirus software, like TrendMicro, to prevent malware or other viruses.
  • Implement cybersecurity awareness training (for businesses). Employees will better understand how to keep your company safe and the effects of any online attacks.
  • Get rid of old devices and always update operating systems and applications. Keeping your network up to date reduces the risk of an attack.
  • Never click on suspicious links and always be cautious when opening external documents, applications, downloads, etc.

Computero’s 2022 eBook additionally provides useful tips and information to protect you and your business.

In Conclusion

It is unclear when this situation will be resolved and what the effects will be in the long run. New information about the case is coming out daily. Stay informed about the Suffolk County cyber intrusion via the local news. Keep your information safe and be cautious, especially if you are a Suffolk resident who may have been affected by the attack.

Cyber attacks can happen anytime, anywhere, and the numbers of such attacks are increasing. Businesses, industries, and individuals all face the risk of hacking, malware, viruses, and ransomware. The impacts of a cyber attack can be extremely harmful, perhaps resulting in a data breach or unauthorized access of data. It is important to realize that you, your town, or your company could be next. Suffolk County is local for many New Yorkers, so this particular instance might be the wake-up call for many residents. Take the necessary steps to protect yourself and your digital information. To learn more about protecting your cybersecurity, read our article.
