Apr 28 2016

Police Pay Ransom

Looks like CNN’s prediction that 2016 will be ‘The Year of the Ransomware’ is coming true, and in spectacular fashion. Cyber criminals are targeting the most unlikely of victims: local U.S. police departments!  (http://www.nbcnews.com/news/us-news/ransomware-hackers-blackmail-u-s-police-departments-n561746)


The attacks are based out of Eastern Europe. Since 2013 departments in seven states have reported attacks. NBC News reports that five Maine police departments were locked out of their records management systems last year. Departments in Alabama and New Hampshire were also breached, but refused to pay the ransom. Their records were deleted affecting ongoing criminal cases. More troubling, many local departments are connected with the National Crime Information Center databases. These local police departments may inadvertently allow thieves into a federal database, similar to the Target breach perpetrated through a third party vendor.


The attacks are all the same: targeted Spear Phishing; with either a link to a website or malware embedded in the email. Once opened the ransomware seizes control of data, and in some cases starts deleting backup files working its way through the network.  The FBI often recommends payment of the ransom because of the sophistication of the ransomware encryption.


Cybersecurity training and good cyber hygiene behavior can go a long way to minimizing the risk of ransomware; but it still only takes one employee, not properly trained to open the gate to a cyber attack. Cybersecurity is a people problem, not just a technology problem.