New York capital hit by ransomware attack, taking services offline

The situation hasn't been resolved yet.

Alfred Ng Senior Reporter / CNET News
Alfred Ng was a senior reporter for CNET News. He was raised in Brooklyn and previously worked on the New York Daily News's social media and breaking news teams.
Alfred Ng
3 min read

Albany's government announced it was hit by a ransomware attack on Saturday.

Angela Lang / CNET

Albany is the latest in a long list of cities ensnared by ransomware.

On Saturday, the city government announced it was hit by a ransomware attack. In such attacks, hackers infect computers with malware that holds the content hostage unless the victims pay to free their machines.

The attack took out several city services that remain impacted, including its ability to offer copies of birth, death and marriage certificates and applications for marriage licenses. 

On Sunday evening, the city said in a statement that any couples seeking to get a marriage license will need to apply in person at the clerk's office in the nearby cities of Troy, Latham or Watervliet. Those wanting copies of birth, death and marriage certificates should go to the state vital records office in the nearby city of Menands. 

All other city services are available, the city government said in its statement.

"The City of Albany has experienced a ransomware cyber attack. We are currently determining the extent of the compromise," Albany Mayor Kathy Sheehan said in a tweet early Saturday afternoon local time. 

Her office didn't respond to a request for comment on Monday.

The initial extent of the Albany attack is still unclear, but a police union official offered a glimpse into the situation in a Facebook post on Sunday morning. 

The Albany Police Officers Union said that police officers didn't have "access to the scheduling system, departmental email, and any other service or program that operates by internet connection."

Gregory McGee, the union's vice president, said that the ransomware was also affecting computers in patrol cars related to "incident and accident reports."

"Calls for service may take longer than expected to complete due to the fact officers do not have the tools at hand to provide the appropriate level of service," McGee said in the post. "One has to ask the question of why a police department with sensitive information is on the same network that was so easily attacked."

Ransomware attacks have increasingly targeted city governments, which often don't have the same security resources that businesses do. Unlike businesses, city governments are also under more pressure to pay the ransom because citizens rely on these services in their daily lives.

In November, the Justice Department charged two Iranian hackers who were allegedly behind ransomware attacks targeting governments and other organizations across the US and Canada, including Atlanta and Newark, New Jersey. The two alleged hackers would target critical infrastructure like city systems and hospitals to shut down key public services -- institutions that would hurt the most by being locked out of computers.

Those ransomware attacks affected more than 200 entities in the US and caused more than $30 million in damages, prosecutors said. The ransomware in Atlanta affected the city from March to June and blocked access to online bill payments and electronic court documents. City officials refused to pay, and the recovery effort cost an estimated $17 million.

Many victims couldn't afford to ignore the ransomware, as the alleged hackers raked in more than $6 million in payments.

Despite the indictment, the Iranian hackers are still at large because Iran doesn't extradite people to the US. 

There's no evidence that they are also behind the cyberattack in Albany. The city government didn't provide details on the type of ransomware it was infected with and didn't indicate whether it intended to pay a ransom.