Ransomware cyberattack forces New Mexico jail to lock down

Ransomware cyberattack forces New Mexico jail to lock down

Five days after the new year, the Metropolitan Detention Center (MDC) in Bernalillo County, New Mexico suddenly went on lockdown. The reason? A ransomware cyberattack has knocked the jail’s internet connection offline, rendering most of their data systems, security cameras, and automatic doors unusable. Prisoners were confined in their cells while MDC technicians struggled to get everything back up and running again.

This attack forced the facility to suspend all prison visits, including from family members and lawyers, which the facility claimed was for the safety of everyone involved. And according to a public defender who represents some of the inmates, the facility’s response to the attack also threatened the prisoners’ constitutional rights.

No, the Metropolitan Detention Center was not targeted

According to a 7-page emergency notice, the entire Bernalillo County was attacked by unknown ransomware threat actors on the 5th of January, Wednesday, between midnight and 5:30AM local time. While the MDC itself isn’t the target, the after effects of the attack have spread within the facility just the same. County Internet systems were said to be compromised with staff having limited access to email. This greatly affects MDC staff, because the facility’s structure and location prevents them from using cellular data, which is usually a good alternative if the county experiences an internet outage.

On top of this, several databases within MDC have been confirmed to be corrupted by the attack. Two important systems, namely the facility’s Incident Tracking System (ITS), a system where incident reports are created and stored, and the Offender Management System (OMS), a system housing prisoner account data, were rendered inaccessible and were suspected to be corrupted.

“One of the most concerning impacts of the cyber attack is that MDC is unable to access facility cameras,” per the notice, “As of this evening, January 5th, there was no access to cameras within the facility.”

The only known reprieve at that time had been the immediate restoration of the automatic doors in the afternoon. Staff would no longer have to manually lock and unlock facility doors using keys.

A breach in the system could result in unforseen problems

This ransomware cyberattack has pushed Bernalillo County into potentially violating a settlement agreement [PDF] from a two-decade old lawsuit, which is why it filed an emergency notice to the federal court. This agreement requires county jails to improve conditions within the facility and address complaints like overcrowding. This also includes providing inmates with regular access to telephones and other communications devices (e.g. tablets). But because the attack affected their internet connection—rendering inmates unable to use such devices—and because jail staff decided to keep inmates confined to their cells, the county has found itself unable to fulfill conditions in the settlement.

The county has already reached out to federal law enforcement to assist in addressing the ransomware attack. For now, Bernalillo County has taking steps to mitigate the effects of the attack.

We’ve entered 2022 with many of us only hoping that we’d have less ransomware attacks. But as we already know, what we hope for doesn’t always equate to reality. Ransomware has been a top threat for years now. Unless organizations take a serious stance on cybersecurity, there is no way we can (at least) slow these attacks down.


Jovi Umawing

Knows a bit about everything and a lot about several somethings. Writes about those somethings, usually in long-form.