Cops pay $500 ransom to unlock their computers

elohiym

Well-known member
Are you next? And what can you do about it if the cops are being forced to pay?

Massachusetts police department pays $500 CryptoLocker ransom

A Massachusetts police department paid $500 to free up town files that had been encrypted by CryptoLocker, the ransomware that locks down hard drives until the owners pay up.

Police in Tewksbury, Mass., came up with the ransom after four or five days when they realized they could not break the encryption and needed the attackers to send them the private key in order to access the data.

“It basically rendered us inoperational with respect to the software we use to run the Police Department,” Police Chief Timothy Sheehan told the Tewksbury Town Crier. The incident occurred last December, with the infection taking place Dec. 7 on a workstation.

Attackers moved laterally through the network until they corrupted the department’s main server. Police had files backed up on an external hard drive that was also corrupted, so they either had to pay the $500 or lose the data permanently.

State police and the FBI both consulted on the case, as did Delphi Technology Solutions and Stroz Friedberg, a forensics company. None of them could crack the encryption so the department paid, the Crier said. Stroz Friedberg converted the $500 ransom into bitcoins and paid on behalf of the department.
 

rexlunae

New member
Are you next? And what can you do about it if the cops are being forced to pay?

The way to deal with ransomware is to not get it in the first place. Follow safe and sane IT security procedures, including a reasonable backup regime, and it likely won't happen, and if it does, you can just restore your data from backup instead of paying ransom.

The thing that concerns me about it is not that it happened in the first place, as that's the kind of world we live in, but the fact that it was able to happen to an organization that should have the kind of funding needed to protect themselves, and an organization that deals with personal data for a lot of people. But it's no surprise that they didn't. A lot of organizations only focus on security once they've been bitten by ignoring it.
 

rexlunae

New member
The idea of "ransomware" is worrying, to say the least.

If you want to really fret about something, think of all the organizations that have your personal information, some of which you can control and some of which you can't: banks, retailers, government agencies, a university you went to decades ago, your dentist and your doctor, credit agencies. Every single one of them is a security time bomb waiting to explode. Some, maybe even most of them, know what they're doing and can generally prevent breaches most of the time, but a worrying number of them can't, and no one can prevent all breaches.
 

elohiym

Well-known member
The way to deal with ransomware is to not get it in the first place. Follow safe and sane IT security procedures, including a reasonable backup regime, and it likely won't happen, and if it does, you can just restore your data from backup instead of paying ransom.

I agree.
 