Cybercriminals claim responsibility for Suffolk cyber hack, county says

Cybercriminals are taking credit for the cyber hack on Suffolk County government, Suffolk County Executive Steve Bellone said Friday, referring to a threat they would publish county documents until the county cooperates with them.

Bellone in a statement confirmed someone had claimed responsibility on the “dark web” and said the county was working to protect sensitive information. 

The dark web is an anonymized portion of the internet where criminal activity can occur.

“Information posted yesterday on the dark web indicates that a threat actor has claimed responsibility for the current cyber incident in Suffolk County,” Bellone said.

“The County’s incident response team is assessing this information and working closely with law enforcement agencies,” Bellone said.

County officials referred to postings attributing the attack to the BlackCat or ALPHV strain of ransomware.

The blogsite shared screenshots of the ransomware postings, which included images of what the ransomware said were Suffolk County documents.

According to the ransomware said:

“The Suffolk County Government was attacked. Along with the government network, the networks of several contractors were encrypted as well.

“Due to the fact that Suffolk County Government and the aforementioned companies are not communicating with us, we are publishing sample documents extracted from the government and contractor network.

“The total volume of extracted files exceeds 4TB.

“Extracted files include Suffolk County Court records, sheriff’s office records, contracts with the State of New York and other personal data of Suffolk County citizens. We also have huge databases of Suffolk County citizens extracted from the clerk.county.suf. domain in the county administration.”

DataBreaches said the ransomware included screenshots of “various files that appear to have been exfiltrated from county systems.” 

Suffolk County websites and web-based applications were taken down last Thursday after discovery of what turned out to be malware in county systems.

Bellone said in his statement Friday  that the county probe so far has shown county systems to be intact.