Bernalillo County

Bernalillo County government operates as a local administrative body serving residents within its jurisdiction in New Mexico, United States. Its core functions encompass a wide range of public services typical of a U.S. county government, including public safety through the Sheriff’s Office and Fire and Rescue departments, emergency 911 dispatch, management of community centers, behavioral health programs, and the operation of a detention center. The county is also responsible for essential administrative tasks such as property tax collection and maintaining various public databases critical to its operations. This scope indicates a comprehensive mandate to support the health, safety, welfare, and administrative needs of its constituents. The specific geographic reach and population served are not quantified in the provided material, but its status as a county government implies a significant regional footprint and responsibility for a substantial number of residents.

The January 2022 ransomware attack provides a concrete, albeit disruptive, view into the county’s operational scale and resilience. The incident forced the closure of many public offices and severely limited employee access to critical internal databases, demonstrating the interconnected nature of its administrative systems. Notably, emergency services—including 911, the Sheriff’s Office, and Fire and Rescue—remained operational through pre-established backup contingencies, highlighting a key distinguishing attribute of maintained critical service continuity during cyber crises. Other departments, such as community centers and behavioral health, relied on their own contingency plans, showing a distributed approach to operational resilience. The county’s immediate response of taking affected systems offline and severing network connections to contain the attack, followed by engagement with external vendors and law enforcement for investigation and restoration, reflects a standard, evidence-based protocol for severe cybersecurity incidents. The fact that a separate, unaffected portal continued to accept tax payments illustrates a degree of system segmentation for vital revenue functions. While the specific ransomware strain and initial attack vector remained unidentified, the event underscored the county’s role as a keeper of sensitive public data and essential services, making it a target for cybercriminals seeking to disrupt civic functions. The cancellation of detention center visits further exemplifies the broad operational impact extending into the corrections sector. This incident serves as the primary documented evidence of the county’s technological infrastructure, its dependency on networked systems for non-emergency functions, and its procedural preparedness for maintaining life-and-safety operations during a major cyber event.