A ransomware attack last week left an Albuquerque-area jail without access to its camera feeds and rendered automatic door mechanisms inoperable. As a result, inmates were confined to their cells, while technicians struggled to bring systems back online.
As first reported by the Albuquerque Journal, visitor access to the Metropolitan Detention Center was completely suspended while the jail was locked. All of the prison’s internet services were also taken offline, leaving staff unable to search inmate files.
Due to the lack of camera coverage, all inmates at the facility were taken into custody from the morning of January 5. In addition, according to an emergency notice filed by the county, the incident tracking database containing all reports of fighting, use of force and allegations of sexual assault was not available and is believed to be corrupt. by attack.
“By the early morning hours of January 5, 2022, the MDC’s automatic door mechanisms were inoperable, meaning staff had to use keys to manually open the doors to the facilities,” County attorney Taylor Rahn wrote in a report. court opinion related to confinement. “One of the most worrying impacts of the cyberattack is that MDC is unable to access the facility’s cameras. As of the evening of January 5, there was no access to cameras in the establishment.
The detention center was just a point of impact in a larger ransomware attack that hit Bernalillo County, the most populous county in New Mexico, on January 5. County employees were unable to access any local government databases and all public offices were temporarily closed. A press release dated January 10 said the county office seat was still only partially reopened.
The unexpected lockdown put the jail in potential violation of the terms of a settlement in a trial over detention conditions, forcing Bernalillo County to file an emergency notice in federal court. A 1995 trial settlement agreement required county jails to adopt new protocols in response to broader complaints about overcrowding and other conditions, including a guarantee that inmates have regular access to phones and other communication devices.
But the total failure of the prison’s internal computer network could force the establishment to violate this agreement.
“[L]the fact of not spending time in cells can have an impact on the ability of detainees to access phones and tablets ”, indicates the emergency file. In addition, depending on the duration of the impact of the attack, the county defendant may not be able to collect the data required by the settlement agreement.
Reached by phone, Rahn’s office said she was not immediately available for comment. Emails and voicemail messages sent to officials in Bernalillo County had not been answered at the time of going to press.
Ransomware is increasingly seen as one of the primary threats facing private businesses and government institutions in the United States. Last year, the Department of Justice created the Ransomware and Digital Extortion Task Force to coordinate information sharing between divisions of the Department of Justice and with outside agencies, signaling a new approach to tackle the problem. Nonetheless, reports from the US Treasure estimate that ransomware payments for 2021 will still exceed all previous records.