Ransomware Locks Down Prison, Knocks Systems Offline

A prison in New Mexico had an unplanned lockdown due to a ransomware attack. 

As reported by Source NM, the Metropolitan Detention Center in Bernalillo County, New Mexico, went into lockdown on January 5, 2022, after cyberattackers infiltrated Bernalillo County systems and deployed malware. 

Local government systems were impacted by the cyberattack, including those used to manage the prison. 

Inmates were made to stay in their cells as the ransomware outbreak reportedly not only knocked out the establishment’s internet but also locked staff out of data management servers and security camera networks. 

The incident came to light in court documents, with one public defender representing the inmates suggesting that their constitutional rights were violated due to the sudden lockdown, which also meant that visitations were canceled. 

Concerns were also raised surrounding the lack of internet access, with inmates left with only payphones to communicate with court representatives. 

Employees of the jail, too, had to rely on unstable cellular connections to make phone calls or access email, and video conference-based court proceedings – imposed widely across the United States due to COVID-19 – could not proceed on the day of the lockdown.  

A number of databases are suspected of being corrupted by the cyberattack, including an incident tracker which records inmate fights, attacks, as well as allegations of prison rape and sexual assault. 

In addition to the lack of data access and camera feeds, prison guards were left unable to manage automatic doors. However, physical keys could still be used and access to this particular system was restored by the afternoon of January 5. 

Federal law enforcement has been contacted, however, the sudden lockdown has meant that the prison may have been unable to comply with a decades-old court order and settlement relating to allegations of poor prison conditions.

Speaking to The Register, as of January 12, a spokesperson for the prison said that services “are still being repaired.”

In a statement dated January 10, Bernalillo County said employees are working remotely as “the county assesses and recovers from cyber issues affecting certain computer systems,” and normal services are yet to resume. County officials added that “no in-person visitation” is allowed “until further notice” at the prison, and “phone contact is limited.”

Bernalillo County Sheriff’s Office Advisory and Review Board (SOARB) has canceled its latest meeting due to “a computer network issue affecting certain computer systems of Bernalillo County.”

Previous and related coverage

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0