Cyber Incident Victim: New York State Legislature's Bill Drafting Office
Date:
Apr 2024
Location:
United States of America
Summary
A cyberattack disrupted operations at the New York state Legislature's bill drafting office, causing system downtime and forcing a temporary shift to an older operational method described as antiquated. The incident occurred during critical budget finalization work, though officials stated it was unlikely to cause major delays in the overall legislative process. While the office retained some capacity to process legislative work, Governor Kathy Hochul acknowledged that accessing computer-stored data might prolong certain tasks. The attack's origin and motivation remain unclear, with no confirmed details on whether it was politically motivated. Response efforts were underway, with authorities monitoring the situation to mitigate further impacts on government functions.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On April 17, 2024, the New York state Legislature's bill drafting office experienced an apparent cyberattack that disrupted its operations. The attack caused the office's bill drafting system to go offline early Wednesday morning, though the full scope of the compromise remained unclear at initial reporting. This office performs critical legislative functions, including printing bills for lawmakers at the state Capitol in Albany. The incident occurred during a sensitive period as the Legislature worked to finalize state budget bills, though Governor Kathy Hochul stated the cyberattack was not expected to cause dramatic delays to the budget process. Officials confirmed the system remained inoperable throughout Wednesday, forcing a temporary operational shift to a legacy process dating back to 1994.
Governor Hochul described the administration's response during a WNYC radio interview, noting teams had "been on top of this" since the early morning disruption. She indicated legislative work would require additional time due to inaccessible data within the compromised systems. When questioned about potential political motivations behind the attack, Hochul responded, "I don’t know." Mike Murphy, spokesman for the state Senate leader, issued a statement confirming the bill drafting office retained partial capacity to process legislative work despite the outage. Murphy expressed confidence the incident would not delay the overall legislative timeline, though Hochul acknowledged the antiquated manual processes would extend certain workflow stages involving data retrieval and bill preparation. No further technical details about the attack vector, threat actor, or recovery timeline were disclosed in initial reports.