Cyber Incident Victim: Albany County
Date: May 2024
Location: United States of America
Summary
Albany County officials are investigating a potential cybersecurity breach affecting online residency certificate services, forcing residents to use phone-based alternatives; they reported no evidence of data exfiltration but declined to confirm ransomware involvement or disclose incident timelines. The county has engaged state cybersecurity resources amid a broader pattern of attacks targeting New York local governments, following prior incidents affecting critical infrastructure like airports and emergency services. State leadership has intensified cybersecurity investments and regulatory measures, including mandatory ransomware payment reporting, as ransomware groups increasingly target municipal entities nationwide, with dozens of local governments impacted this year.
Description
Albany County, New York, announced an investigation into a potential cybersecurity breach affecting its networks in late May 2024, just ahead of the Memorial Day weekend. County Executive Daniel McCoy confirmed the incident in a statement to Recorded Future News, revealing collaboration with the New York State Division of Homeland Security and the Emergency Services Cyber Incident Response Team. The disruption specifically impacted online services for obtaining certificates of residency, requiring residents to contact the Division of Finance directly instead. McCoy emphasized that officials had not identified evidence of data exfiltration at the time of the announcement. The county declined to provide additional details regarding the incident’s onset, its classification as a ransomware attack, or potential involvement of federal law enforcement agencies. The Times Union first reported the cyberattack, noting Albany County’s population of over 310,000 residents and its prior experiences with ransomware incidents between 2019 and 2021. Those earlier attacks targeted critical infrastructure, including Albany International Airport, a local 911 dispatch center, and the city of Albany’s municipal systems.

This incident occurred against a backdrop of heightened cyber threats to New York’s government entities, following a ransomware attack on the state legislature’s bill-drafting systems just one month prior. Governor Kathy Hochul had intensified cybersecurity measures after a 2021 attack on a wealthy New York county, allocating an additional $35 million to the state’s $61.9 million cybersecurity budget in 2023 and appointing Colin Ahern as New York’s first chief cyber officer in June 2022. State policy changes under Hochul now mandate reporting of ransomware payments and stricter data protection protocols for regulated organizations. The Albany County breach aligns with a broader pattern of ransomware targeting local governments across the United States, with incidents reported in May 2024 affecting St. Helena, California, and Macon-Bibb County, Georgia. Cybersecurity analyst Brett Callow documented at least 45 local government ransomware incidents nationwide in 2024 as of the article’s publication.
