DC police department hit by apparent extortion attack
The Washington, D
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.
At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.
The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.
Your support makes all the difference.The Washington D.C., police department said Monday that its computer network was breached, and a Russia -speaking ransomware syndicate claimed to have stolen sensitive data, including on informants, that it threatened to share with local criminal gangs unless police paid an unspecified ransom.
The cybercriminals posted screenshots on their dark web site supporting their claim to have stolen more than 250 gigabytes of data.
The District of Columbia's Metropolitan Police Department said in a statement that it had asked the FBI to investigate the “unauthorized access.” There was no indication that any police operations were affected, and the department did not immediately say whether it had been hit by ransomware.
The Babuk group, a relatively new ransomware gang, said on its website that it had “downloaded a sufficient amount of information from your internal networks” and gave the police three days to contact it or "we will start to contact gangs in order to drain the informants."
Screenshots it posted suggested it has data from at least four computers, including intelligence reports, information on gang conflicts, the jail census and other administrative files. One of the images, apparently of network locations accessed by the criminals, showed a text document on one computer entitled “How To Restore Your Files.”
Such documents generally include instructions on how to contact the ransomware criminals, whose standard operating procedure is to exfiltrate sensitive data from networks they infiltrate as they sow malware that, once activated, encrypts data. Only after receiving payment do the criminals provide software keys that unscramble the data.
So far this year, 26 government agencies in the U.S. have been hit by ransomware, with cybercriminals releasing online data stolen from 16 of them, said ransomware analyst Brett Callow of the cybersecurity firm Emsisoft. Ransomware victims don’t always pay, often preferring the arduous task of rebuilding networks from backups.
The D.C. police department said it was taking the threat seriously.
“We are aware of unauthorized access on our server. While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter,” the department statement said. An FBI spokeswoman had no immediate comment.
A worsening global epidemic of ransomware attacks is considered a national security threat by many, doing tens of billions of dollars in damage. U.S. law enforcement is relatively powerless to counteract it as most of the criminals enjoy safe harbor in Russia and other nations with weak rule of law.