Several local governments struggling with cyberattacks limiting services

Government services offered by one of the largest counties in Maryland are still being limited more than a week after it was targeted by a cyberattack. 

Anne Arundel County, home to nearly 600,000 people and the state capital of Annapolis, first announced the incident on February 23 and as of Monday is warning residents that multiple services are still down. 

911 and 311 call centers are operational but County Executive Steuart Pittman said many other services are impacted by the shutoff of internet access — an action taken to “ensure the safety” of government systems. County officials initially said the attack was “of external origin” and was considered a “multi-day event.”

The county is also home to several prominent federal institutions, including the National Security Agency, and the U.S. Naval Academy. 

Pittman explained that due to an ongoing investigation, a full list of affected services could not be provided but residents concerned about water or tax bills could call the office of finance at a provided number. 

Late payments will be allowed, but county offices can only accept cash or checks in person. Customers can pay through the phone with credit cards or e-checks. Permits are still being processed manually. 

“County officials are working diligently with the Anne Arundel County Office of Information Technology, public safety officials, cybersecurity specialists, and each department to conduct a full investigation,” he said.

“While we have made some progress with securing and restoring our systems, we cannot share more details about the incident yet for several reasons: we are still working to understand the scope and impact of the incident, we do not want to potentially provide information to the potential threat actors, and we are working to recover from the incident as quickly as we can.”

When asked for comment, county officials declined to say whether it is a ransomware attack or if the group behind the attack has identified itself. No hacking group has taken credit for the incident as of Monday. 

Pittman added that they intend to share the full details of the incident, including how it happened and what departments were affected. There is no timeline for the restoration of services but there is a “priority order” state officials are using to bring systems back online. 

County buildings were closed last Monday as a result of the cyberattack and employees were asked to work from home. Tax services for seniors were suspended and customer service centers for the Department of Aging and Disabilities were closed. All county recycling centers and its landfill were closed as well, but public schools and libraries were not affected. Buildings were reopened on Tuesday. 

The attack on Anne Arundel County took place as multiple state-level government bodies dealt with cyberattacks having real-world impacts. Local news outlets in Maine spoke to officials in Franklin County who said they dealt with a ransomware attack early last month.

Missouri’s Department of Conservation is facing outages from a cyberattack announced on Friday and municipal courts in Cleveland, Ohio were shut down due to an incident last week. 

In an update on Monday, Cleveland Municipal Court said it is “currently investigating a cyber incident.”

“As a precautionary measure, the Court has shut down the affected systems while we focus on securing and restoring services safely. These systems will remain offline until we have a better understanding of the situation,” court officials wrote on social media, warning that housing court was also shut down. 

“All internal systems and software platforms will be shut down until further notice. The Cleveland Municipal Court will be closed, except for essential staff, and normal business will not be conducted with the public until further notice.”