Ransomware Monitor Blog

Police Pay Hacker Ransom
Posted by Unknown
Saturday, November 12, 2016 17:29

Police departments are regular victims of ransomware viruses, and they regularly pay the hackers. What's wrong with the system? There is a government rule against paying ransoms to criminals, but it is not working at all.

“To serve and protect” is their motto. How can they protect us if they cannot protect themselves?

Crime is moving from the streets to computers. Although special agencies should take care of cyber crime, ordinary officers should adapt too. At least they should be able to protect themselves in order to be able to keep records of offline crime and stop offline crime. If we can’t rely on the people enforcing our laws to stand up to criminals, then we’re in trouble.

Cases in which departments paid ransomware hackers appear every month. The amounts were not big, but they may grow. Here is a list of some cases.

1)   Swansea, Massachusetts, November 2013, paid $750

2)   Dickson, Tennessee, October 2014, paid $572

3)   Tewksbury, Massachusetts, December 2014, paid $500

4)   Midlothian, Illinois, January 2015, paid $500

5)   Lincoln County, Maine, April 2015, paid $300

6)   Melrose, Massachusetts, February 2016, paid $489

In many cases we see that even basic infosec measures are not met.

Shocking comments from police officers:

“It was an education for those who had to deal with it.” 

“It was an eye opening experience, I can tell you right now. It made you feel that you lost control of everything. Paying the Bitcoin ransom was the last resort.”

So they are still unaware of the Internet and are only now learning. Have they heard of breaches? What are they doing in this direction? Education should have taken place beforehand, through systematic cyber security training courses. Why do policemen still click on attachments? This is the oldest and best-known infection method for all viruses, not only ransomware.

“The virus is so complicated and successful that you have to buy these Bitcoins, which we had never heard of.”

They know nothing of Bitcoins and say it is such a complicated virus? What do they know? Even children know it. It’s not just paying a ransom: with Bitcoins, it is clearly a money laundering scheme that officers are helping with. Do they know from whom they bought those Bitcoins and where they will go? More and more ransomware cases show that the funds go into launching bigger spam campaigns and exploit development.

“We’ve upgraded our antivirus software.”

Why wasn’t that done before? These are minimum measures every child should know. In the Internet era, do they have IT procedures at all?

“This isn’t a breach. The data stays interior, but this virus encrypts it and prevents it from being readable.” 

“No outside parties gained access to any personal information, and that the police department did not lose any files. We were never compromised.”

Never compromised? Hackers planted a virus and managed to encrypt files. Ransomware needs to communicate with its Command and Control servers to encrypt data. Encryption keys were sent back and forth. Are they 100% sure other data was not sent out? How do they know that no vital data was lost or stolen? Xbot ransomware, for example, is 3-in-1: it steals data, encrypts data, and is a banking Trojan. A virus does not come alone. It drops backdoors, keyloggers and rootkits. You never know until you rebuild the system completely. Have they done it?

“Although a substantial portion of the data encrypted on the report management server was able to be restored from backups, there were still approximately 72,000 files affected on the host computer. Documents vital to our ongoing investigations, booking documents, records, records of issued equipment, documents related to current and past prosecutions and other non-replaceable documents.”

They lack policies. All important data should be kept in backups. Backups should be standard operating procedure in any police/government office. You don’t run a police department by the seat of your pants; you check and double-check everything that has to do with evidence or records. Only half of departments have policies in place to minimize the risk of cyberattacks, according to a 2013 survey from the International Association of Chiefs of Police.


