Several local governments struggling with cyberattacks limiting services

Avatar

Government services offered by one of the largest counties in Maryland are still being limited more than a week after it was targeted by a cyberattack. 

Anne Arundel County, home to nearly 600,000 people and the state capital of Annapolis, first announced the incident on February 23 and as of Monday is warning residents that multiple services are still down. 

911 and 311 call centers are operational but County Executive Steuart Pittman said many other services are impacted by the shutoff of internet access — an action taken to “ensure the safety” of government systems. County officials initially said the attack was “of external origin” and was considered a “multi-day event.”

The county is also home to several prominent federal institutions, including the National Security Agency, and the U.S. Naval Academy. 

Pittman explained that due to an ongoing investigation, a full list of affected services could not be provided but residents concerned about water or tax bills could call the office of finance at a provided number. 

Late payments will be allowed, but county offices can only accept cash or checks in person. Customers can pay through the phone with credit cards or e-checks. Permits are still being processed manually. 

“County officials are working diligently with the Anne Arundel County Office of Information Technology, public safety officials, cybersecurity specialists, and each department to conduct a full investigation,” he said.

“While we have made some progress with securing and restoring our systems, we cannot share more details about the incident yet for several reasons: we are still working to understand the scope and impact of the incident, we do not want to potentially provide information to the potential threat actors, and we are working to recover from the incident as quickly as we can.”

When asked for comment, county officials declined to say whether it is a ransomware attack or if the group behind the attack has identified itself. No hacking group has taken credit for the incident as of Monday. 

Pittman added that they intend to share the full details of the incident, including how it happened and what departments were affected. There is no timeline for the restoration of services but there is a “priority order” state officials are using to bring systems back online. 

County buildings were closed last Monday as a result of the cyberattack and employees were asked to work from home. Tax services for seniors were suspended and customer service centers for the Department of Aging and Disabilities were closed. All county recycling centers and its landfill were closed as well, but public schools and libraries were not affected. Buildings were reopened on Tuesday. 

The attack on Anne Arundel County took place as multiple state-level government bodies dealt with cyberattacks having real-world impacts. Local news outlets in Maine spoke to officials in Franklin County who said they dealt with a ransomware attack early last month.

Missouri’s Department of Conservation is facing outages from a cyberattack announced on Friday and municipal courts in Cleveland, Ohio were shut down due to an incident last week. 

In an update on Monday, Cleveland Municipal Court said it is “currently investigating a cyber incident.”

“As a precautionary measure, the Court has shut down the affected systems while we focus on securing and restoring services safely. These systems will remain offline until we have a better understanding of the situation,” court officials wrote on social media, warning that housing court was also shut down. 

“All internal systems and software platforms will be shut down until further notice. The Cleveland Municipal Court will be closed, except for essential staff, and normal business will not be conducted with the public until further notice.”

CybercrimeGovernmentNews
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail

Next Post

CISA says it will continue to monitor Russian cyber threats

Related Posts

Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation

Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as "root" to bypass the operating system's System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. The vulnerability in question is CVE-2024-44243 (CVSS score: 5.5), a medium-severity bug
Avatar
Read More