Albany County in the state of New York has been struck by two separate cyber-attacks in three weeks.
A five-figure ransom in Bitcoin was paid by Albany County Airport Authority (ACAA) earlier this month after their servers became infected with ransomware on Christmas day.
Airport CEO Philip Calderone said that the authority caught the virus from a company called LogicalNet, which, rather ironically, ACAA had hired to provide cybersecurity services. The attack came to light after LogicalNet reported that its management services network had been breached.
Calderone told Times Union: "We have severed our relationship with LogicalNet."
According to Times Union, while the airport's insurer reimbursed the authority for the rest of the undisclosed ransom payment, the airport authority is seeking to recover the $25,000 deductible it paid on its insurance policy from LogicalNet.
Three weeks later, on January 15, the Albany County town of Colonie was hit by a cyber-attack that took the town's computer system and email offline. Many departments were still experiencing problems on Friday.
Town spokesperson Sara Wiest said on Friday that the town was still trying to determine the exact nature of the attack. Wiest added that all the town's data had been backed up prior to the incident, allowing many departments to continue working despite not having access to the computer system.
In a forced return to last century's communication methods, the town sent out a news release regarding the cyber-attack via fax on Friday morning.
The release stated that there was no indication that any personal data had been compromised and reassured the public that the town's health and safety services were still functioning.
"These types of situations happen in a lot of different places and municipalities and they appear to be similar," said Colonie town supervisor Paula Mahan. "It’s happening in a lot of places and it’s something we have to get used to."
In March 2019, the City of Albany spent $300,000 in new servers, security software upgrades, firewall insurance, and other cybersecurity improvements after being hit by a ransomware attack. Fortunately, the city was able to fall back on its daily backups of mission-critical systems, and no ransom was paid.