Bernalillo County, New Mexico, was unable to comply with the terms of a settlement in a 27-year-old prison conditions lawsuit after last week’s ransomware attack put prisoners back under manual control.
County officials to file notice on January 6, 2022 [PDF] The New Mexico District Court, which oversaw the settlement, invoked an emergency clause in the settlement’s provisions to temporarily suspend its obligations.
Covering all of Bernalillo County, New Mexico’s largest city, Albuquerque, the commissioner told the court, affected By January 5, 2022, ransomware attacks, including the Metropolitan Detention Center (MDC), which houses some of the state’s incarcerated people.
To resolve complaints of prison overcrowding and other alleged rights violations dating back to 1995, MDC and victimized inmates have agreed to Billing Terms Call on the MDC to take corrective action to improve prison conditions.
But last week’s ransomware attack has interfered with MDC’s ability to do so, and the prison’s systems have yet to be fully restored.A spokesman for the facility told by phone register On Wednesday, the service was still under repair.
The attack took automatic security doors offline on Jan. 5, requiring officials to manually open them with a key until that specific function could be restored.
Databases, servers and internet services operated by the county have been compromised, officials said in their filing. At MDC, this means limited access to email and no access to county wireless internet. This is especially problematic because the structure and location of MDCs can interfere with cellular service, officials said.
“One of the most worrying effects of a cyberattack is that MDCs lose access to facility cameras,” they explained. “As of the evening of January 5, cameras are not available in the facility.”
The MDC has implemented a temporary blockade for this situation. Court-related video conferences were also not held.
Several MDC county-level databases are also believed to have been compromised by the attack.
“The Incident Tracking System (ITS), the database that MDC creates and maintains all incident reports, including charges of inmate fights, use of force, violations of the Prison Rape Elimination Act, is currently unavailable because it is suspected of being damaged by an attack,” the document said. pointed out.
“In addition, the Offender Management System (OMS) that MDC uses to store and access prisoner information, including prisoner account data, is also currently unavailable.”
Disruptions in the healthcare system add to the woes
A spokesman for Bernalillo County did not immediately respond to a request to detail the return to work, but Albuquerque Journal reports It is recommended that technicians wish to have the MDC camera system working over the nearest weekend.
The plaintiff in this case has taken the opportunity to submit a statement [PDF] A registered nurse has announced her resignation from MDC over concerns about conditions there. Nurse Taileigh Sanchez described severe staffing shortages at the MDC and problems with the new electronic medical record system, which were made worse by the ransomware attack.
She said the attack denied access to current medical records, which may have left some prisoners without access to medicines.
Sanchez said she told supervisors her concerns — which date back to before the ransomware attack — but faced retaliation. “While I love my job and have even been here for 11 years, I am resigning from my full-time position immediately for the safety of clients and employees,” she said in a statement.
The number of reported ransomware attacks actually decreased from 2020 to 2021, according to security firm Sophos [PDF]. 37% of organizations surveyed admitted to being affected by ransomware in 2021, compared to 54% in 2020. However, the average repair cost more than doubled, from $760,000 in 2020 to $1.85 million in 2021.
Last year, there were enough high-profile ransomware attacks — Colonial Pipeline, JBS, and the Washington, D.C. Police Department — that the Biden administration blocked ransomware despite a drop in the statistics a prominent part. Its cybersecurity policy. ®
