Cyber Incident Victim: New York City Law Department

Date: Jun 2021

Location: United States of America

Summary

A cyberattack targeted the New York City Law Department, prompting officials to disconnect its systems from the city network to contain the threat. The city’s cybersecurity team and external contractors detected anomalous activity, initiating an ongoing forensic investigation. While no confirmed data compromise or ransom demand was identified initially, access to the department’s network remained restricted as a precaution. Officials emphasized that detection protocols functioned as intended and expressed confidence in restoring secure operations promptly. The incident underscored broader concerns about persistent cyber threats to public institutions, though specific motives or attribution were not disclosed during the early response phase.

Description

On June 6, 2021, New York City officials discovered a cyberattack targeting the City’s Law Department, prompting an immediate disconnection of the department’s computer systems from the municipal network. The 1,000-attorney agency was taken offline as a precautionary measure while investigators assessed the breach. Mayor Bill de Blasio confirmed during a June 8 virtual briefing that no evidence of compromised data or ransom demands had been identified at that stage, characterizing the investigation as actively evolving. The City’s cybersecurity team, led by Chief Information Security Officer Geoff Brown, implemented containment measures including restricted network access to prevent potential lateral movement by attackers. Initial statements emphasized the incident did not involve ransomware, though authorities declined to disclose potential motives or attribution details.

The New York Police Department’s Deputy Commissioner for Intelligence and Counterterrorism, James Brown, reported that automated threat detection systems had flagged suspicious activity, enabling Cyber Command and contracted responders to isolate the anomaly promptly. Forensic analysis remained in its early phases as of June 8, with no public confirmation of intrusion methods or data exfiltration. Operational impacts included sustained network outages affecting the Law Department’s ability to conduct routine legal operations for the City. Mayor de Blasio contextualized the attack within broader cybersecurity threats, citing the May 2021 Colonial Pipeline ransomware incident as indicative of persistent risks to critical infrastructure. City officials expressed confidence in restoring secure IT operations but provided no specific timeline for full system restoration, maintaining heightened security protocols throughout the investigation.
