Suffolk cyber intrusion has hallmarks of ransomware attack, Bellone says
A cyber intrusion of Suffolk County government systems had the "hallmarks of ransomware," but officials have not yet received monetary demands for any breached data, County Executive Steve Bellone said Tuesday.
Officials have detected malware in their probe of the incident, which was discovered last Thursday, Bellone said, but had no timeline for when a “controlled shutdown” of web-based applications would end.
"I can report that we have detected malware and that it has the hallmarks of ransomware," Bellone said at a news conference in Hauppauge.
"But the investigation at this point has not concluded that this is a ransomware incident," he said.
Bellone said the county was working to minimize disruptions while it determines "the full scope and nature of this incident.”
He continued: “While the controlled shutdown of data systems naturally creates some challenges, we're doing what it takes to make sure that this government continues to deliver critical services."
Officials did not say how or where the attack began.
There was no indication the data of county residents or employees has been compromised, Bellone said.
Cybercriminals do not always make demands immediately, but an attack without a ransom demand is rare, said Steve Morgan founder of Cybersecurity Ventures in Northport, which provides data and research to the information technology industry.
“Sometimes cybercriminals will leak data as an extortion tactic — so that may be coming, hopefully not,” Morgan told Newsday Tuesday. “They try to inflict as much damage as possible to create leverage for themselves when it's ransomware.”
It also could be attackers did not want to pursue ransom after learning the victim was a government entity, or that they did not know if the attack was successful, Kees Leune, program director of computer science at Adelphi University in Garden City, told Newsday.
Or it could be the county discovered the malware before it activated, said Leune, who also serves as Adelphi's chief information security officer.
“If that is the case then the county got really lucky,” Leune said.
Suffolk immediately took its systems offline to contain and eradicate the threat after its discovery, Bellone said.
The county is working with cybersecurity experts to determine when it is safe to restore its applications, Bellone said.
Suffolk had worked previously with RedLand Strategy of Manhattan — whose president, former state Deputy Secretary for Public Safety Michael Balboni was at Tuesday's news conference — to conduct an assessment of the vulnerability of county computer systems, Bellone said.
The county also held staff trainings for handling an attack and created a contingency plan, he said.
“In Suffolk, we’ve been working to harden our infrastructure over the years,” Bellone said. “We have continued to provide our employees with tools to help … mitigate these types of incidents.”
Dan Levler, president of the Association of Municipal Employees, Suffolk’s largest public employee union, said in a statement county employees were working to maintain services during the system shutdown, but called it an “additional strain on a tired workforce.”
Levler continued: “We also hope this is a needed wake-up call that now is the time to invest in a long-term solution to the worsening staffing crisis so we can deliver vital services.”
Bellone said all county agencies were functioning, although staff may be working in different ways.
Also, Suffolk county plans to launch a temporary "landing website" with frequently requested information, he said.
Suffolk County Legis. Kevin McCaffrey (R-Lindenhurst), the legislative presiding officer, noted the county has adapted during past crises such as the COVID-19 pandemic.
“If you call 911, people will still pick up the phone. If you call 311, things are happening, vaccinations, all these things,” McCaffery said during the news conference.
"We need to show the public that we are continuing to operate," he said.
Also Tuesday, officials said the computer shutdown contributed to a decision to cancel public hearings that had been scheduled for Tuesday and Thursday on proposed Suffolk County voting district maps, Brendan Sweeney, an aide to the Suffolk County Legislature, told Newsday.
Sweeney explained the bipartisan reapportionment committee would not be able to provide virtual access for residents due to the shutdown, and also has not agreed on a map.
The commission has until Sept. 30 to hold the two final public hearings and adopt a map before the process is turned over to the Republican-controlled county legislature.
Newsday Live Music Series: Long Island Idols Newsday Live presents a special evening of music and conversation with local singers who grabbed the national spotlight on shows like "The Voice," "America's Got Talent,""The X-Factor" and "American Idol." Newsday Senior Lifestyle Host Elisa DiStefano leads a discussion and audience Q&A as the singers discuss their TV experiences, careers and perform original songs.
Newsday Live Music Series: Long Island Idols Newsday Live presents a special evening of music and conversation with local singers who grabbed the national spotlight on shows like "The Voice," "America's Got Talent,""The X-Factor" and "American Idol." Newsday Senior Lifestyle Host Elisa DiStefano leads a discussion and audience Q&A as the singers discuss their TV experiences, careers and perform original songs.