Ransomware gangs get more aggressive against law enforcement
Criminal hackers are now using increasingly brazen methods to try to extort money from law enforcement agencies, including leaking or threatening to leak highly sensitive and potentially life-threatening information
May 9, 2021, 10:30 PM
7 min read
Share to FacebookShare to TwitterEmail this articleFILE - In this June 1, 2020, file photo, an officer holds a baton and shield as demonstrators gather to protest near the White House in Washington. Police departments big and small have been plagued for years by foreign hackers breaking into networks and causing varying level of mischief, from disabling email systems to more serious problems with 911 centers temporarily knocked offline. (AP Photo/Evan Vucci, File)
RICHMOND, Va., -- Police Chief Will Cunningham came to work four years ago to find that his six-officer department was the victim of a crime.
Hackers had taken advantage of a weak password to break in and encrypt the files of the department in Roxana, a small town in Illinois near St. Louis, and were demanding $6,000 of bitcoin.
“I was shocked, I was surprised, frustrated," Cunningham said.
Police departments big and small have been plagued for years by foreign hackers breaking into networks and causing varying level of mischief, from disabling email systems to more serious problems with 911 centers temporarily knocked offline. In some cases important case files have gone missing.
But things have taken a dark turn recently. Criminal hackers are increasingly using brazen methods to increase pressure on law enforcement agencies to pay ransoms, including leaking or threatening to leak highly sensitive and potentially life-threatening information.
The threat of ransomware has risen to a level that's impossible to ignore, with hardly a day going by without news of a hospital, private business or government agency being victimized. On Saturday, the operator of a major pipeline system that transports fuel across the East Coast said it had been victimized by a ransomware attack and had halted all pipeline operations to deal with the threat.
The increasingly defiant attacks on law enforcement agencies underscore how little ransomware gangs fear repercussions.
In Washington, D.C., a Russian-speaking ransomware syndicate called Babuk hacked into the network of the city's police department and threatened to leak the identities of confidential informants unless an unspecified ransom was paid.
A day after the initial threat was posted in late April, the gang tried to spur payment by leaking personal information of some police officers taken from background checks, including details of officers' past drug use, finances and — in at least one incident — of past sexual abuse.
Similar threats were made recently against a small police force in Maine. The police department in Dade City, a small town in Florida, currently has many of its files posted on the dark web by the ransomware gang Avaddon after the city decided not to pay the $450,000 worth of bitcoin that was demanded. Leaked files show pictures of a dead body from a crime scene.
Ransomware gangs have been leaking sensitive data from victims for well over a year, but experts said they've not seen such aggressive new tactics used before against police departments.
“It should be a wake-up call to government that it finally needs to take strong and decisive action,” said Brett Callow, a threat analyst at the security firm Emsisoft.
Making the ransomware attacks potentially more damaging, police are now able to collect and store more personal information than ever before through advances in surveillance equipment and technologies such as artificial intelligence and facial recognition software.
April Doss, the executive director of the Institute for Technology Law & Policy at Georgetown University Law School, said laws and regulations about how police collect, retain and secure that data are largely unsettled.
“Where that leaves us is with police departments getting to use a great deal of their own discretion in terms of what technologies they adopt and how they use them,” said Doss, who previously worked at the National Security Agency and recently wrote a book on cyberprivacy.
