Town of Ulster in New York Faces Major Cyberattack, Enters Disaster Recovery Mode
On September 11, 2024, the Town of Ulster, New York, experienced a significant cyberattack that compromised its main general server, causing most municipal computer systems to go offline. The breach was detected early by the town’s security software, prompting an immediate shutdown of the servers. Supervisor James E. Quigley III reported that the town responded promptly by notifying New York State Homeland Security Cybersecurity Services, which in turn alerted the FBI. While the Police Department and town court systems remained operational, critical municipal departments such as water, sewer, payroll, and administrative functions were significantly impacted. The town engaged an independent forensic firm for investigation, and officials have been working around the clock to restore services. Backup servers have been activated, and KBS is hosting the town’s financial system remotely to facilitate the recovery process. Although no evidence of data theft has been found, the full extent of the impact is still being assessed.
Manual procedures were established to maintain essential day-to-day operations while the recovery effort continues. The town has prioritized critical functions such as payroll and water billing, though the attack has delayed budget preparations, with the preliminary 2025 spending plan due in two weeks. Supervisor Quigley noted that restoring full operational capability remains undetermined as the forensic investigation is ongoing. Despite the disruptions, the town has made significant progress, operating on a restored backup server and working closely with cybersecurity experts to safeguard against future threats. This incident highlights the growing challenges small municipalities face in maintaining cybersecurity and the importance of swift disaster recovery measures to ensure the continuity of essential services.