Alabama’s government agencies were hit by a cyberattack on Wednesday, causing intermittent website outages. Jeremy Ward, the spokesperson for Alabama’s Office of Information Technology, conveyed to CNN that the disruptions, initially widespread, were curtailed as the day progressed with the help of vendors to counter the denial-of-service attack. Governor Kay Ivey’s office confirmed that the cyberattack started on Tuesday afternoon and did not result in any data breach or theft.
The cyberattack is a stark reminder of the global reach of hackers who can disrupt American governmental operations using basic techniques. Meanwhile, Birmingham, one of Alabama’s major cities, is grappling with a separate network issue that has been causing service disruptions for days, affecting essential city services like licensing and permitting.
The network issues have also extended to law enforcement, complicating routine checks for stolen vehicles or outstanding warrants, as reported by AL.com. Sergeant LaQuitta Wade, a spokesperson for the Birmingham Police Department, directed further inquiries to the city’s Office of Public Information.
Describing the cyberattack, cybersecurity expert Gerald Auger told CNN that such distributed denial of service (DDoS) attacks are “effective” in causing disruptions but are not technically complex. He likened it to the temporary pressure from an open fire hydrant.
Anonymous Sudan, a group identifying as hacktivists, has claimed responsibility for the DDoS attack on Alabama government websites through their Telegram channel. The group, which surfaced last year, has targeted the Alabama Law Enforcement Agency, among others, as part of their politically motivated cyber activities.
A Persistent Threat on Alabama:
In a recent wave of cyberattacks, a group known as Anonymous Sudan has targeted Alabama government websites, claiming to draw attention to the situation in Sudan. However, cybersecurity experts are uncertain how these attacks correlate with the group’s stated purpose, and the group’s location remains unknown.
Richard Hummel, a senior threat intelligence manager at Netscout, reported to CNN that Alabama has faced numerous such attacks, typically lasting between five to ten minutes. These short but frequent disruptions highlight the broader challenge faced by state and local governments across the United States, which have been increasingly targeted by ransomware and other cyber threats. Financial constraints and a lack of personnel often leave these entities ill-equipped to manage and mitigate the risks effectively.
In 2023 alone, over 2,200 American hospitals, schools, and government bodies were directly affected by ransomware, according to Emsisoft data. The impact of these attacks extends beyond the immediate disruption of government services; they also affect local communities that depend on digital access to essential services provided by schools, hospitals, and election offices.
Hummel emphasizes that regardless of the specific targets, cyberattacks like DDoS (Distributed Denial of Service) are more than just a minor inconvenience; they represent a significant and ongoing threat to public services and safety. The persistent nature of these attacks underscores the need for robust cybersecurity measures and public awareness to safeguard against such vulnerabilities.
