Security incident disrupts the IT systems of the NYC Law Department; possible ransomware attack

Last Monday morning the New York City Law Department reported a problem with the computers used by its 1,000 attorneys, after attorney Katherine Weall wrote an email to a federal judge in Manhattan requesting a delay for the registration of her court documents, arguing that the department was experiencing “connectivity issues that prevented access to the Court’s systems.”

A few hours later, city officials revealed that these problems appeared because of a cyberattack that forced the temporary disconnection of the Law Department’s IT systems since Sunday afternoon. The attack is being investigated by the New York Police Department’s Intelligence Unit, in conjunction with the Federal Bureau of Investigation (FBI).

Concerns about a possible attack first surfaced Saturday night, when NY Cyber Command reported detection of unusual activity on the Law Department’s computer network. This command is a unit created by Bill de Blasio, mayor of NY for the defense of the city’s computer systems. Nicholas Paolucci, a spokesman for the Law Department, said that since then the necessary measures have been taken to mitigate the potential impact of this incident.

NYC Mayor Bill de Blasio

Mayor de Blasio said Monday night that, until then, no ransom demand or threat to leak confidential information had been received, though he did not rule out that the threat actors are economically motivated: “An in-depth analysis of the case is ongoing, so we will be able to share more details only until this compromises the investigation. At the moment we are confident that the defenses of our IT systems were able to contain the attack.”

This attack was detected at a time when the government and private organizations in the U.S. have become frequent targets of cybercriminal groups, an example of which is the recent attack on Colonial Pipeline. Requests have come from the White House to thousands of companies to strengthen their cybersecurity measures, and it is believed that the U.S. Department of Justice (DOJ) will adopt a new approach to monitor and punish the operators of these attacks in a similar way to intelligence work against terrorist groups.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.