Hackers who claim to have infiltrated the D.C. police department’s computer network are threatening to publicize confidential files that could reveal names of suspected gang members and intelligence from crime briefings, according to online posts reviewed by cybersecurity experts.
A ransomware entity called Babuk posted its warning on the dark Web, purporting to have downloaded a vast array of information, and warned police to “get in touch as soon as possible and pay us, otherwise we will publish the data.”
The group posted several pictures of suspected gang members and maps drawn by police of territories claimed by street crews, a sample of information experts say is meant to prove their threats are real. Babuk said it downloaded 250 gigabytes of data, which could be large enough to store up to 70,000 photos or tens of thousands of documents, according to computer security experts.
Babuk displayed screenshots of dozens of file folders, including ones dealing with discipline and listed by officer names, and others titled “known shooters,” “most violent person,” “RAP feuds,” “gang conflict report” and “strategic crime briefings.”
Authorities including the FBI are trying to determine whether Babuk actually has gained access to those files.
One security expert provided screenshots of the group’s online comments to The Washington Post. A D.C. official familiar with the investigation, who spoke on the condition of anonymity because a probe is underway, confirmed the city is looking into the claims believed to be made by Babuk.
“It’s fair to say it’s very serious,” said D.C. Council member Charles Allen (D-Ward 6), who chairs the public safety committee. “It’s open to assessment as to how serious.”
Allen said authorities “are trying to assess and understand what happened,” and what type of information may have been stolen. He said he learned the hackers probably did not get access to files shared by the District and federal law enforcement authorities.
But still, if the group has the documents it claims, revealing them could affect ongoing criminal investigations, publicize personal information about police officers and put the lives of informants and others at risk.
D.C. police issued a brief statement Monday that said the department was “aware of unauthorized access on our server” and was working to “determine the full impact.” District officials did not comment further on Tuesday.
Two cybersecurity experts who track ransomware attacks said the threat against D.C. police was posted on the dark Web on Monday. Along with the screenshots of purported police files, the group wrote:
“Hello! Even an institution such as DC can be threatened, we have downloaded a sufficient amount of information from your internal networks, and we advise you to contact us as soon as possible, to prevent leakage. If no response is received within 3 days, we will start to contact gangs to drain the informants.”
They warned, “even larger attacks await you soon.”
Malware attacks have been a persistent problem for businesses, hospitals, schools and government agencies across the country.
D.C. police were targeted in 2017 when hackers took over 126 outdoor surveillance cameras days before the presidential inauguration. Authorities accused two Romanians and said they had planned to use police computers to email ransomware to tens of thousands of accounts, essentially running an extortion scheme using government infrastructure to hide their tracks.
Last year, Fairfax County schools in Virginia were targeted, and some employee data was compromised.
In 2019, Baltimore was struck in a ransomware attack that crippled the city’s ability to process payments and online real estate transactions, and took down municipal emails. The hackers demanded tens of thousands of dollars to restore systems.
The Baltimore Sun estimated the attack cost the city about $18 million in lost revenue and money spent to restore the systems and improve security.
Two cybersecurity experts interviewed said hackers are now employing different tactics. Instead of shutting down a system to extort money, they are stealing information and then demanding money to not disclose it.
That appears to be what happened to D.C. police, the experts said.
Brett Callow, an analyst for the New Zealand-based cybersecurity company Emsisoft, said ransom notes can be sent separately to the targets.
He said the screenshots of files are meant to show D.C. police that the hackers possess information. He likened the postings to “the equivalent of a kidnapper sending a pinkie finger” to a victim. “If the organization doesn’t pay,” Callow said, “they start publishing.”
Callow, who has been monitoring postings regarding D.C. police and provided The Post with a copy, said Babuk is fairly new to ransomware attacks. He said the group previously targeted the Houston Rockets. Bloomberg News reported Babuk threatened to expose the team’s files containing contracts, customer information and nondisclosure agreements.
But Callow said that if Babuk really has obtained the information it says it has, D.C. police “wouldn’t be their only option for monetizing the attack.” He said they could sell the information to gangs who would probably covet raw police intelligence about them or their rivals.
Kimberly Goody, the senior manager of cybercrime for Mandiant Threat Intelligence, with offices in California and Virginia, said even if a target pays the ransom, there is no guarantee the group will delete the data. She said they might even sell it to somebody else.
Having the data, Goody said, “gives them additional leverage.” No matter what the target does, she said, the group “will always have that hanging over their heads. . . . Even if you do pay them, you don’t have any guarantees.”
She said some ransomware groups have followed through with their threats; there also are reports of businesses or agencies paying the ransom.
Goody said she largely agrees with the government authorities that organizations should not pay. “It incentivizes other criminals in the future,” she said. But Goody said in some cases, lives may be in jeopardy, and officials “may have to negotiate because they don’t have another option.”
Julie Tate contributed to this report.
April 28, 2021 at 06:12AM
Hackers claim to have infiltrated internal D.C. police files - The Washington Post