Ransomware attack locks down New Mexico prison, schools

14 January 2022

The jail was just one facility affected by the ransomware attack which also felled services across Bernalillo, New Mexico’s most populous county.(Photo by Patrick T. FALLON / AFP)

A ransomware attack locked down a US jail, knocking out security cameras and leaving inmates confined to their cells, court documents show. Cyber attackers hacked into the computer system that controls servers and internet access at the prison in Bernalillo County, New Mexico last week.

For a short time, the jail’s automatic door system was knocked out, meaning staff at the Metropolitan Detention Center (MDC) had to manually unlock each cell when detainees needed to get out for exercise or recreation.

“The lack of camera coverage… creates a significant security concern for the safety of staff and inmates during out of cell time,” a court filing from January 6 shows. “This means inmates, even inmates in general population, are temporarily limited to their cells. Inmates will still be removed from their cells for medical care, but they will not receive unstructured ‘time-out.'”

The jail was just one facility affected by the cyberattack, which also felled services across Bernalillo, New Mexico’s most populous county.

A news release dated January 10 said the county continued to be affected by “cyber issues,” including the issuing of marriage licenses, voter registration, and real estate transactions. “The public is being asked to understand the gravity of this ransomware issue and that, at this time, county services are still limited,” the release said.

At the time of writing, the AFP was unsuccessful in attempts to contact the prison. There was no information about who was behind the cyberattack, or what their demands were.

A ransomware attack, where a hacker takes data from the victim or takes control of a computer system until a ransom is paid, can cripple critical systems and are becoming increasingly common, as more official and commercial business is conducted online.

The United States last year offered a $10 million reward for help finding the leaders of the “Darkside” gang, a Russia-based outfit Washington blames for an assault that shut down one of the country’s largest oil pipelines.

More than half a billion dollars in ransomware-related payments were reported to US authorities in the first half of 2021 alone, though the true cost is thought to be considerably higher.

Companies and institutions face intense pressure to pay up in order to get their data unlocked, but also to keep the attack from potentially angry clients and authorities who issue stern warnings not to give cash to criminals.






© Agence France-Presse