
Albany ransomware attack targeted data back to 2017

ALBANY – The damage from the 2019 ransomware attack on the city police department internal
affairs computer system went further back than previously revealed.
The district attorney’s office said it recently found out the damage from the March 30, 2019 attack
went back to September 2017.
In a February letter, District Attorney David Soares’ office modified its previous statement, saying
only that digital data had been lost, rather than actual files.
“We were originally informed by the police department that the data loss included all of 2018,”
Soares' office said, according to a letter obtained by the Times Union. “On February 12, we
received written clarification from the administrator of the network that the data loss was from
September 12, 2017 to April 2, 2019.”
Previously, in a January letter to some defense attorneys, the district attorney’s office said all files
for 2018 had been lost.
The city emphasized that the attack did not damage any internal affairs files. Instead, the attack hit
part of the indexing system of the city police department’s internal affairs case management program,
called IAPro.
The system is part of the department’s Personnel Early Warning System, which is used to identify
and intervene when officers are demonstrating symptoms of job stress or other problems that are
affecting their job performance.
In a statement last week, city spokesman David Galin said that index has been rebuilt.
“As has been communicated to the District Attorney’s Office, a portion of the Internal Affairs
indexing system (IAPro) was not recoverable due to the ransomware attack. The IAPro system
manages data entry and serves as an index for the physical files which have and continue to be
safely secure. As of February 25, the portion of the indexing system that was impacted by the
ransomware attack has been fully rebuilt through manual re-entry of the information contained in
the physical case files.”
The city’s statement did not explain why it took nearly two years to rebuild that portion of the
indexing system. Police department spokesman Steve Smith said the department was only recently
able to find a vendor to work with on the system.
But the city’s assertion that no files were damaged or deleted was contradicted by a city-hired
attorney in a federal civil rights case last week.
Stephen Rehfuss, a former member of the city’s corporation counsel, said a use-of-force incident
report was no longer available due to the ransomware attack. Rehfuss is defending the city against a
lawsuit filed by Ellazar Williams, who was shot in the back by a city detective in August 2018.
The city did not provide a clarification on what Rehfuss meant by deadline Monday.
Both the police department and the district attorney’s office said last week no criminal cases were in
jeopardy.
“All Albany Police Department Internal Affairs files have existed, and continue to exist, in their
entirety and continue to be available for physical review by the Albany County District Attorney’s
Office, as is required of the DA per Judge Carter’s ruling,” Galin said in his statement.
“No cases have had negative sanctions at this time due to this issue. We will continue to work to be
in full compliance and certify in good faith for all cases that we are able to,” said Cecilia Walsh, a
spokeswoman for the district attorney’s office.
The district attorney's office asked for every department in the county to turn over portions of their
officers' personnel files that might contain "impeachable" material after a November 2020 ruling in
an Albany homicide case. That includes discipline, citizen complaints, allegations of misconduct
and more.
In that ruling Albany County Judge William Carter said that the district attorney’s office had to
provide information on police officers who might be possible prosecution witnesses that was
unrelated to the current case. Carter also said Soares’ office’s practice of asking police to essentially
self-report “impeachable” information was not in line with the intent of the state’s discovery laws.
Soares’ office has said they disagreed with the ruling, pointing to the fact that other judges across
the state were not putting the same burden on other prosecutors.
The district attorney’s office has been building its own database of police personnel files in order to
comply with the decision.
The full impact of the ransomware attack on the city, and exactly how hackers gained access, has
never been fully explained. The city said it did not end up having to pay the ransom because critical
servers, such as human resources and treasury, were backed up. As of last month, the FBI said its
investigation into who was responsible for the attack was ongoing.
The city paid out roughly $300,000 to recover from the ransomware attack. That cost covered
destroyed servers, upgrading user security software, purchasing firewall insurance and other
improvements to firm up the city's systems following the attack.
