Saudi Alyoom

Russian hackers target US police in apparent ransomware attack

69

Russian hackers breached Washington DC police department’s database and have threatened to share information with criminal gangs unless it pays an unspecified ransom.

A Russian-speaking ransomware syndicate has claimed to have stolen sensitive data, including on informants, the police force said.

The cybercriminals posted screenshots on their dark web site supporting their claim to have stolen more than 250 gigabytes of data.

Details of the hack were revealed by the DC police department on Monday, which has asked the FBI to investigate the “unauthorised access” to its computer network.

There was no indication that any police operations were affected, and the force did not immediately say whether it had been hit by ransomware.

The Babuk group, a relatively new ransomware gang, said on its website that it had “downloaded a sufficient amount of information” from the database.

The group gave DC police three days to contact it or said it would “start to contact gangs in order to drain the informants”.

Screenshots it posted online suggested it has data from at least four computers, including intelligence reports, information on gang conflicts, the jail census and other administrative files.

The Washington DC police department said it was taking the threat seriously.

It said in a statement: “We are aware of unauthorised access on our server. While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter.”

One of the images posted on the internet by the hackers showed a text document on one computer called “How To Restore Your Files”.

Such documents generally include instructions on how to contact the ransomware criminals. Only when after the ransom demanded is paid do they provide software keys to unscramble the stolen data encrypted with malware.

So far this year, 26 government agencies in the US have been hit by ransomware, with cybercriminals releasing online data stolen from 16 of them, according to ransomware analyst Brett Callow, of the cybersecurity firm Emsisoft.

Last week US President Joe Biden imposed new sanctions on the Russian government and expelled 10 diplomats in retaliation for hacking and election interference.

The move represented the first retaliatory measures announced against the Kremlin over allegations of both interference in last year’s presidential election and the hacking of federal agencies, familiarly known as the Solarwinds breach.

In addition, the US Department of Justice announced it has formed a special unit to tackle growing ransomware attacks on critical organisations.

Comments are closed.