Town of Colonie Cyberattack

Colonie, New York – Hit by Ransomware Attack

The town of Colonie’s had a cyberattack, forced to run operations offline. The Town of Colonie Cyberattack attack was discovered Wednesday Jan 15th in the evening. “The town has not paid any ransom” according to the Albany Times Union and town spokesperson Sara Wiest.

Reporter Rebecca Carballo interviewed town Supervisor Paula Mahan and has found an integrated team of law enforcement and various state agencies has been working to respond to the incursion. Consequently, the attack interrupted departments. The town did have a backups.

Ransomware Attack or a Denial-of-service (DoS) Attack

The town plans to have computers and access to the systems by early next week. Initially the town was unsure if the attack was a ransomware attack or a denial-of-service (DoS) attack. The initial estimate sounds to optimistic to me.

Above all, if businesses or towns do not have backups, those backups are not being tested, and they do not have disaster recovery plans they will have data loss and it will talk a long time to recover, if it is even possible at all. Municipalities are a big target for cyber attacks.

Updated Jan. 25th 2020

$400,000 Ransom

The person or group that illegally compromised the towns computers demanded ransom of $400,000 worth of bitcoin. The town did not pay the ransom. According to the towns attorney Michael Magguilli he believes the attack may had originated in Russia. Correspondents and work is being done on fax machines instead of email. The town is working on getting the computers of department heads back up a computer is setup for departments entire staff to share. Multiple of the Town of Colonies departments are relying on a backup databases. Magguilli there was an access denial to the towns systems.

How Does a Town Bounce Back After Cyber Attack?

Towns risk hackers compromising personal information and shutting down necessary systems. Last year there were at least 104 ransomware attacks against administrative schools and governments. Just a few months ago the FBI issued a high-impact cyber-attack warning in direct response to increasing attacks on state and local government targets, including advanced threats to governments and health care organizations. While many town or city governments deny paying the ransom, they are often hit with massive costs totaling hundreds of thousands to millions of dollars.

Other Attacks for the Area

Similarly, A month and a half ago the Albany County Airport Authority’s computer infrastructure was attacked by ransomware and the County had to pay ransom.

The City of Albany experienced a massive cyberattack last March.

Update Jan. 20th 2020

New York Senator is introducing legislation to prevent governments and municipalities from paying ransom in the wake of cyberattacks including the one on the town of Colonie. The bill is aact to amend the general municipal law, in relation to prohibiting the paying of ransom in the event of a cyber-attack. New York Senator David Carlucci introduced Senate Bill S7289 that would ban New York governments and municipalities from paying of ransom, he said it can lead to more attacks.

The bill reads Payment of ransom; cyber-attack. No municipal corporation or 4 other government entity shall pay ransom in the event of a cyber-attack 5 against such municipal corporation or such government entity. As used in 6 this section the term “cyber-attack” shall mean a virtual attack against 7 the critical infrastructure, as defined in subdivision five of section 8 eighty-six of the public officers law, of a municipal corporation or 9 other government entity. If passed would take effect immediately.

This is a direct results of the Colonie and the Albany Airport Authority which were both attacked and in the news recently. Senator David Carlucci stated  “This legislation will make it clear that those looking to do harm, looking to make money by instituting ran somewhere tax, that they won’t be profitable because it’ll be illegal for municipalities to pay their ransom,”