Suffolk Cyberattack Hackers Demanded $2.5M: Bellone

HAUPPAUGE, NY — The hackers who breached Suffolk's web server in the Sept. 8 cyberattack demanded a $2.5 million ransom though County Executive Steve Bellone said at a news conference on Wednesday that he would not support it.

"Payment is no guarantee that the criminal actors will honor their commitment or that they won't come back later to extract an additional demand," he added. "But more important, we don't know who these criminal actors are. Are they terrorists? Are they engaging in sex trafficking? Are they engaged in activities that are hostile to our nation's interests?"

"By paying this ransom, would we be using Suffolk County taxpayer dollars to fund operations that could do harm to human life?" he said. "We don't know the answer to that, and I was not prepared to take that chance."

Since the attack, the county has been "laser-focused" on providing critical services in "the challenging environment" and a forensic examination to determine what happened, as well as mitigating "the damage to the maximum extent possible," Bellone said.

But it's been a costly focus with county spending $3.4 million on restoration and $2 million on the forensic examination, according to Bellone.

An investigation found that the hackers first broke into the county's system in December 2021, by first entering through the county clerk’s office, staying in the system for eight months, according to Bellone. The office has its own Information Technology department which requested a bypass of the county's firewall, Bellone said.

The hackers acquired IT credentials to breach further into the county's network in late August about 18 days before the attack, according to Bellone.

The breach possibly took place because the clerk's IT director, who was not named, failed to have the proper security mechanisms in place and withheld "critical information and other inexplicable actions," Bellone said.

The cybercriminal group BlackCat's members revealed themselves in September by posting ransom notes on the dark web, and the county took its web-based applications offline, according to The New York Times.

The investigation is ongoing.

District Attorney Ray Tierney said his office has received the results of the county’s "examination of the events relating to the cyberattack" and investigators will continue to work with the FBI and Suffolk police in "the ongoing criminal investigation."

"Thankfully, my office had additional internet technology defenses in place, so that no criminal prosecutions were compromised," Tierney said. "I thank the county, the legislature and the various department heads for their ongoing remediation efforts."

Suffolk government's web-based applications were breached in what officials later described as a ransomware attack. Officials announced late last month that the driver’s license numbers of nearly 500,000 people, who were issued violations in the county's police district, meaning the area patrolled by Suffolk police outside villages, were possibly exposed.

The personal information of current and former employees was exposed.

County officials have since made available credit monitoring and restoration services for those affected.

RELATED STORIES:

• 'Zombie House' Demos Stalled In Brookhaven Over Cyberattack: Officials
• Suffolk Traffic Court Back Online After Cyberattack: Report
• Suffolk Property Tax Refunds Backlogged Since Cyberattack: Report
• Suffolk Offers Free Credit Monitoring To People Exposed In Cyberattack
• Suffolk Pols Give Subpoena Power To Panel In Cyberattack Probe: Report
• Funding Questioned As Suffolk IT Head Plans To Boost Staff, Equipment
• Suffolk Officials Warned Of Possible Cyberattack Months Ago: Report
• Suffolk Cyberattack: Title Searches Return As Property Sales Delayed
• Suffolk Hack: Residents Told Obtain Credit Report, Look Over With Care
• 'Threat Actor' Claims Responsibility For Suffolk Hack On Dark Web
• Suffolk Exec Says 'Cyber Intrusion' Has Hallmarks Of Ransomware
• After Possible Cyberattack, Suffolk Deploys Manual Record-Keeping