Statement on New Bedford Police Department Ransomware Attack

New Bedford, Massachusetts – In the early morning of Thursday, January 27, 2022, the New Bedford Police Department was the target of a ransomware attack which was limited to a number of individual work stations and servers used by the Police Department. No other City departments were impacted. The Police Department’s 911 emergency response system continued to receive and respond to calls from the public. As a precaution, the Police Department’s non-emergency office phone network was placed out of service for a brief period and later reactivated.  
 
The City has initiated its cybersecurity response plan and has notified federal law enforcement authorities. The City’s cybersecurity consultants believe no data was exfiltrated or accessed during the attack, and restoration using backup data is already underway. No ransom demand was received and no ransom negotiations were considered, as restoration measures are expected to sufficiently address the impact of the attack. The City maintains insurance coverage to cover the cost of responses to cyberattacks.
 
In July 2019 the City’s MIS Department disrupted a ransomware attack using the RYUK virus. RYUK was implicated in attacks on government, education, and private sector networks across the world. The RYUK virus was not used in the current attack.  A forensic investigation to determine the origin of the current attack is underway.
 
The City’s cybersecurity consultants attribute the timely identification and isolation of the current attack to the robust investments in cyber defenses made by the City over the past several years. The City will continue to invest in hardware, software, and training to harden its defenses to keep pace with a constantly evolving threat environment.  

Current plans for security enhancements will be adjusted if necessary, depending on the findings of the forensic investigation. Today’s developments are a reminder that ransomware attacks are pervasive across organizations of every type, and proactive investments in cybersecurity can significantly reduce impacts in the event of an attack.