An assessment is ongoing to determine the extent and source of a ransomware attack on the New Mexico cities of Albuquerque, Los Ranchos, and Tijeras, which took affected systems offline and severed network connections, forcing most county buildings to shutter on Jan. 5.
While employees continued to work remotely to maintain services, they had no access to public databases, leaving a major gap in capabilities. Emergency and public safety services, including 911, remain operational, as do behavioral health and community centers. However, the Metropolitan Detention Center will no longer be receiving visitors, and Planning and Development Services inspections have been limited. Tax collection through the Treasurer’s Office continues through its online portal, county drop boxes, and branches of Rio Grande Credit Union.
Yet all systems are being assessed for compromise.
The extent of the attack also prompted responses from numerous experts, including Nasser Fattah, chair of the North America Steering Committee for assessment firm Shared Assessments.
“It is unfortunate, but cities will continue to be a big target for ransomware,” Fattah said. “Many available statistics show that municipalities have a high hit of ransomware. As for the root cause, I would think that a contributing factor is the lack of resources and the use of stale technologies, which collectively make municipalities an attractive target. This is exacerbated with work from home when an already weak security infrastructure needs to support remote work, which now makes the attack surface even bigger.”
So far, the name and type of ransomware used in the attack remain unknown. However, investigators have concluded the attack and related disruptions appear to have begun between midnight and 5:30 a.m. on Jan. 5.