Leak is “possibly the most significant ransomware incident to date” because of the threat it poses to Washington, DC officers, according to an expert.
The U.S. capital’s police department has suffered a massive leak of internal information after refusing to meet blackmail demands from a Russian-speaking ransomware syndicate. Experts said it was the most serious ransomware attack known to have reached a US police department.
The gang, known as the Babuk group, released thousands of the Washington, DC, Metropolitan Police Department's sensitive documents on the dark web Thursday.
A review by The Associated Press found hundreds of disciplinary files of police officers and intelligence reports that included work from other agencies, including the FBI and the Secret Service.
Ransomware attacks have reached epidemic levels as foreign criminal gangs paralyze the computer networks of state and local governments, police departments, hospitals, and private companies. The gangs demand large payments to decrypt stolen data or to prevent it from leaking online.
A cyber attack last week shut down the Colonial Pipeline, the largest gas pipeline in the country, which led to gas hoarding and panic buying in some parts of the southeast.
Brett Callow, a threat analyst and ransomware expert at security firm Emsisoft, said the police leak is “possibly the most significant ransomware incident to date” because of the risks it poses to officers and civilians.
Some of the documents included security information from other law enforcement agencies related to President Joe Biden’s inauguration, including a reference to an “embedded source” with a militia group.
One document detailed the steps taken by the FBI in the investigation of two pipe bombs left at the headquarters of the Democratic National Committee and the Republican National Committee before the insurrection at the US Capitol on January 6th.
This includes “big data” from cell towers and plans to “analyze purchases” of Nike shoes worn by a person of interest, according to the document.
The police department did not immediately respond to a request for comment from the AP, but previously said the personal information of some officers was stolen.
Some of this information was previously leaked, revealing personal information from some officers drawn from background checks, including details of their past drug use, finances and, in at least one incident, past sexual abuse.
Recently published files include details of disciplinary proceedings of hundreds of officers dating back to 2004. The files often contain sensitive and embarrassing private data.
“This will cause a shock through the police community across the country,” Ted Williams, a former department officer who is now a lawyer, told The Associated Press.
He represents a retired officer whose background file was included in a previous leak.
Williams said making the background and disciplinary records public makes it difficult for officers to do their job.
“The more criminals know about a police officer, the more criminals try to use that to their advantage,” he said.
The Babuk group indicated this week that it wanted $4 million not to release the files, but that it was only offered $100,000.
Absolutely fascinating to see the actual negotiations between the Police and the Babuk ransomware attackers.
– Ray [REDACTED] (@RayRedacted) May 13, 2021
The department has not said whether it made the offer. Any negotiations would reflect the complexity of the ransomware problem, with police forced to consider making payments to criminal gangs.
The FBI, which is assisting in this case, discourages ransomware payments.