Cyber-attack hackers threaten to share US police informant data
Washington DC's Metropolitan Police Department has said its computer network has been breached in a targeted cyber-attack, US media report.
A ransomware group called Babuk is reportedly threatening to
release sensitive data on police informants if it is not contacted within three
days.
The FBI is investigating the extent of the breach, US media
reported, citing the Washington DC police department.
Ransomware is used to scramble computer networks and steal
information.
Attackers target companies or organisations and can lock
their systems, then demand large sums of money in return for ending the hack.
On Monday, Washington DC's police department said in a
statement that it was "aware of unauthorised access on our server",
AP news agency reported.
"While we determine the full impact and continue to
review activity, we have engaged the FBI to fully investigate this
matter," the statement added, without providing further details of the
reported breach.
It is not clear if attackers managed to lock police out of
their systems during the breach.
Babuk, a Russian-speaking ransomware group that emerged
earlier this year, said it had downloaded "a sufficient amount of
information" from the police department's internal networks, AP reports.
Screenshots said to have been posted by the group on the
dark web and shared on social media appeared to suggest it had gained access to
information on criminal gang activity and police intelligence reports.
The head of UK-based cyber-security consultancy Bridewell
Consulting, James Smith, said a risk remained for companies and organisations
even if a ransom was paid.
"With these types of attacks, the data has probably
been stolen already, before it was encrypted, and the likelihood that the data
will be sold or stored by the hacker is great," he said in a statement to
the BBC.
Earlier this month, Babuk reportedly targeted the Houston
Rockets basketball team with ransomware and claimed to have accessed documents
including player contracts and financial data.
A spokeswoman for the Houston Rockets, Tracey Hughes, said
that while the group had accessed some information, it failed to install its
ransomware because of a security system in place.
Last week, a Russian man in the US pleaded guilty to
plotting to extort money from the electric car company Tesla. He planned to use
ransomware to steal company secrets for extortion, prosecutors said.
According to media reports, US government agencies have been
targeted 26 times so far this year.
Comments
Post a Comment