The Pittman administration is keeping the details of the ongoing investigation into a “cyber incident” that targeted Anne Arundel County government to itself. Residents and the County Council are in the dark as some services could not be accessed Tuesday after going offline Saturday.

Many county government buildings were closed Monday and some services remained out of commission Tuesday. A number of questions remain unanswered, among them:

How did the attack originate?

How many government departments were affected?

Who are the suspects?

Was county resident, staff, or financial data breached?

What are the financial implications?

When will government services return to full strength?

Residents were unable to pay utility bills or make childcare payments Tuesday. Amanda Renee, a social studies teacher in Baltimore County Public Schools who lives in Brooklyn Park, could not log into the online billing portal and pay her water bill.

“With the uncertainty of what the cyberattack means, I just don’t want to be penalized for something beyond my control,” Renee said.

Calls made to the Office of Finance, which oversees the utility payment system, could not be completed.

Other residents trying to pay county childcare bills were met with a message saying “childcare registration application is currently unavailable.”

The Office of Personnel, which oversees the retirement and pension system, did not return a request for comment on whether county retirees and pension recipients are affected by the incident.

Dave Levin, an associate professor in the Maryland Cybersecurity Center at the University of Maryland, urged those unable to make payments to document their efforts. He said recording the time and content of each payment attempt, phone call made, or document shared could be helpful down the line.

“You would like to imagine a scenario in which grace periods would be provided,” Levin said.

“But the unfortunate thing is, I don’t know if these systems are necessarily built to handle something like this.”

Anne Arundel County Council member Pete Smith, a Severn Democrat, said the council has not received answers to basic questions about the outage.

“Even the council has been limited in what information we were exposed to,” Smith said. “What you know is what I know. The administration has kept a close hold on the specific type of attack that is occurring within the county government.”

Smith, a Marine reservist who by day works at the National Security Agency, said within 24 to 48 hours after an incident, analysts can usually determine the type of attack, the kind of ransomware, if it was used, and what data was affected.

He said he hopes in the coming days more information about the incident will be released by the county, including what, if any, data was affected.

“I don’t even know those details and I work for the county government in the legislative capacity,” Smith said. “I did reach out to the county executive [Monday] and I know he’s probably been inundated with trying to understand the depth of what we are going through.”

A spokesperson for the Pittman administration did not provide an update on the investigation but listed the locations of alternative payment methods for people unable to make a payments online.

Utility and tax bill payments are accepted at yellow payment drop boxes located at the County’s three cashier locations:

44 Calvert St. in Annapolis

101 North Crain Highway in Glen Burnie

2664 Riva Rd. in Annapolis

Levin pointed to three potential explanations for the county’s silence: Unwillingness to address the liability that comes with announcing an attack, not wanting to appear negligent to their cyber insurance provider, or not yet knowing the depth of the incident.

“It can be a lot just to disentangle all of that and figure out how deep the rot is,” Levin said. “It might just be them doing their due diligence.”

Levin and Smith both agreed county officials should release information about the general nature of the incident or notify residents what to do in the meantime.

As of Tuesday evening, the Pittman administration had not released a statement since 5 p.m. on Monday.

“The FBI is aware of the cyber incident impacting Anne Arundel County and is in close contact with county officials,” a spokesperson for the FBI Baltimore Field Office, said in a statement. “Due to this being an ongoing matter, we are unable to provide additional details.”

For nearly 27 years, Smith’s work at Fort Meade and on the civilian side of the military, has made him familiar with cyber-attacks, particularly those on a county government level within the last decade.

He said outdated tech infrastructure and lack of investment in tech security are a potential point of exposure.

“Criminals like to take the path of least resistance,” Smith said. “We are the last ones to actually allocate resources to a proper IT infrastructure. Budgeting is always limited when it comes to resources for those types of back end, infrastructure components.”

Have a news tip? Contact James Matheson at jmatheson@baltsun.com, 443-842-2344 or on X @jamesmatheson__