Tag Archive for: district

Ransomware attack hamstrings three District Attorneys’ offices in NM • Source New Mexico

/in


A ransomware attack impacted three local prosecutors’ offices around New Mexico earlier this week.

Wednesday morning, someone ran ransomware on servers in four offices connected to the Administrative Office of the District Attorneys (AODA), including the server for the network prosecutors and public defenders use to share court records called the consolidated statewide case management system (CMS).

In interviews with Source New Mexico, a spokesperson for the First Judicial District Attorney Mary Carmack-Altwies in Santa Fe and Ninth Judicial District Attorney Quentin Ray in Clovis said their offices were impacted by the attack.

A third prosecutor’s office, the Fifth Judicial District Attorney in Carlsbad, was also affected, according to Ray. A phone call seeking comment from Fifth DA Dianna Luce on Thursday was not returned.

Marcus Montoya, president of AODA and the elected Eighth Judicial District Attorney in Taos, said Thursday afternoon “we’re still triaging” which cases and hearings the attack impacted.

“Affected might mean different things, so how much is compromised is hard for me to say,” he said. “Maybe some districts might be a little more exposed than others, but for the most part, a majority of the data is protected and will be available.”

The attack left prosecutors unable to access the case management system, slowing their work and making it more tedious, Montoya said. Prosecutors and staff instead had to access a different server and move the files over to an external hard drive, which they carried into court, he said.

“It’s contained, and it’s ultimately not as bad as probably your traditional ransomware attack, so I think we’re in a good place,” Montoya said. 

GET THE MORNING HEADLINES DELIVERED TO YOUR INBOX

Ray, the DA in Clovis, said those case files include any information about people accused of crimes, evidence in their cases, and prosecutors’ own case notes.

Some hearings had to be delayed, he said, “others we were able to MacGyver around.” Between 10% and 15% of the cases his office handles…

Source…

District attorney offices statewide affected by ransomware attack

/in


Mar. 14—The New Mexico Administrative Office of the District Attorneys was still trying to get its two main computer servers working again Thursday after a ransomware attack locked prosecutors across the state out of their files Wednesday morning.

“We are currently working to resolve the issue and optimistic it will be resolved sometime today,” said Henry Valdez, the agency’s director, in an interview Thursday.

He explained the cyberattack: “It comes in however it can, then encrypts your files so you can’t access them and then says you have to pay a certain amount and if you don’t they never release the encryption.”

Valdez said the two computer servers affected by the attack are in Albuquerque but serve offices in the 13 judicial districts throughout New Mexico. The Santa Fe-based server near his office has not been affected, he added.

Work at the First Judicial District Attorney’s Office, which serves Santa Fe, Rio Arriba and Los Alamos counties, was hindered by the attack, a spokesman confirmed.

“The FJDA can confirm that we are experiencing issues with our case management system, as well as other internal systems. This has resulted in an inability for our staff to work as they are normally accustomed,” spokesman Nathan Lederman wrote in an email.

“We have been informed that our computer systems have been hacked statewide,” District Attorney Mary Carmack-Altwies wrote in an email Wednesday to judges and others in the district.

“As such, we have no access to any files/drives/folders. Nothing,” she wrote.

“AODA is attempting to fix the situation but it appears that malware and/or ransomware has attacked the systems and this may take the rest of the week,” she added.

The Judicial Information Division Service desk sent an email to judges Thursday warning staff to use caution when opening electronic communications from the District Attorney’s Office.

“Until further notice anything we receive from the district attorney’s office, even from trusted sources, needs to be thoroughly reviewed,” the email says. “All emails from any DA email address should be carefully examined especially if it contains any sort of attachment or hyperlink that would take you to a website.”

Source…

BISD to add cyber security to district computers and devices

/in


BRANCH COUNTY — Branch Intermediate School District Technology Director Aaron Cummings will review and negotiate with firms providing 24-hour cyber security for the district rather than bid on the services.

The BISD board found the complexity of determining what services are needed and which best fit the district did not lend to standard bidding even with an estimated cost of $40,000.

BISD Superintendent Kris Jenkins said districts across the state are increasing computer security after ransomware infected the Jackson Intermediate School District last year.

Homeland Security identifies ransomware as malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption.

Two companies are receiving the most attention, Arctic Wolf and CrowdStrike, Cummings and Jenkins said. 

The superintendent explained, “This is a service, so statutorily, we don’t have to go out for bid.”

The estimated price is lower than hiring local personnel, at least three people to provide the service, Jenkins said.

BISD Superintendent Kris JenkinsBISD Superintendent Kris Jenkins

BISD Superintendent Kris Jenkins

In its emergency, Jackson ISD did not go out for bid and hired Arctic Wolf. Calhoun ISD uses Crowd Strike.

“One vendor will call their detection method this and this other will call it something totally different, even though it’s the same thing. It’s really hard to compare side by side,” Cummings said.

CrowdStrike is one of the biggest ones in Michigan because the state’s partnering with them. Cummings said, “CrowdStrike might be just a little bit cheaper, and a little more complete.”

The technology director said Arctic Wolf will monitor equipment already in place.

With over 425 pieces of connected online equipment in the BISD system, Cummings will evaluate the services and price before bringing back a recommendation to the board.

Cummings said, “Nobody’s got a really good solution for Chromebooks or iPads yet. I don’t know that they’ve actually been ransomed.”

Subscribe Follow this story. Subscribe to the Daily Reporter.

Jenkins said the 24-hour monitoring is essential after talking to Jackson ISD about the Arctic Wolf service in the last two weeks. “There was some…

Source…

North Tonawanda School District tightens computer system security after state audit

/in


The North Tonawanda City School District has tightened protection of its computer network following an audit of its security procedures, according to a report from the State Comptroller’s Office.

“Most of the issues that were identified during the audit were addressed immediately,” School Superintendent Gregory J. Woytila wrote in response to technology audit for time between July 1, 2022, and April 12, 2023. “These enhancements will be part of the corrective action plan drafted in response to the findings.”

Auditors discovered 246 unnecessary user accounts that were subsequently disabled. Fifty-five of them were non-student accounts assigned to previous district employees, contractors and interns. One of them had been assigned to a substitute teacher who left in 2019.

The audit also found 29 unnecessary shared user accounts which were disabled and learned that no one kept track of the accounts or had a policy to disable them. Auditors said they were told that no policy had been developed because the district had not experienced a data leak or cyberattack in more than 20 years.

The audit additionally advised the district to develop an IT contingency plan so that employees could communicate and continue doing their jobs in case of a disruption.

Source…