San Bernardino County sheriff's office struggling to recover from ‘malware’ incident
The San Bernardino County Sheriff's Department is in the process of recovering from a cyberattack involving malware weeks after it began.
Department public information officer Mara Rodriguez told Recorded Future News that the Southern California department first identified a network disruption on April 7 and later confirmed that it involved malware.
Rodriguez would not say if it was ransomware specifically, but local media said the department was forced to shut down most of its systems in an effort to contain the incident — a hallmark of most ransomware attacks.
“The County is conducting a forensics investigation to achieve a complete understanding of any impacts to the system,” Rodriguez said. “At this time, we have no further information available and continue to investigate.”
A local news outlet reported on Sunday that the department is still struggling to recover from the incident, with officers having to use radios to run license plate checks or get further information on suspects. The agency has 15 patrol stations and about 3,800 employees overall.
The department initially shut down email and internet services as well as the computers used by officers in their cars.
The attack began when an officer clicked on a malicious link, according to ABC7. Rodriguez would not say whether data had been stolen during the attack. No ransomware group has come forward to claim the attack.
The San Bernardino agency is the latest law enforcement institution to deal with a cyberattack. Last month, a ransomware group leaked data stolen from the Washington County Sheriff’s Office in northeastern Florida and two weeks ago, a New Jersey police department said it was struggling to rebound from its own ransomware attack.
Several other police departments were forced to resort to pen and paper due to cyberattacks, including offices in Ohio and New York. Even the U.S. Marshals Service was hit with a ransomware attack that exposed troves of sensitive data.
Ransomware groups have also launched several recent attacks on police departments across California, including incidents in Modesto, Oakland and San Francisco.
Jonathan Greig
is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.