Even before the dreaded Corona Virus spread its wings in New York, the government over there had to deal with an unreported emergency that lurked in the form of a massive cyberattack locking down many systems from access until a month.
Believed to have emerged from outside the United States, the New York State government as a precautionary measure was forced to temporarily lock down the access to the databases such as Department of Environment Conservation, Department of Civil services and State Police
The good news is that the cyber attack in the form of the vulnerability did not expose any data related to employees from New York. Nor did it lead to the exposure of classified info from various databases.
Technically speaking, the vulnerability discovered on Jan 28th this year was related to Citrix NetScalers which is usually related to the communication taking place between computers. Hackers used the vulnerability to hack the servers operating at the State University of New York (SUNY) Zen Building on the Nanotechnology School campus in Albany.
Citrix already highlighted the security flaw in its blog update of Dec’19 and issued a fix on an immediate note. However, the state officials of New York failed to act on the information on time and reacted lately in Jan 2020.
However, all ended well with the IT staff working at the server farm identifying the incident and neutralizing it before any untoward took place.
Note- The attack took place on New York Government at the time with the Chinese hacking group APT41 was conducting an attack campaign on Citrix servers in order to exploit the systems which were vulnerable.