Hackers Threaten To Publish Police Informant Data

Washington DC's Metropolitan Police Department has said its computer network has been breached in a targeted cyber-attack, US media report. The cyber criminals posted screenshots on their dark website supporting their claim to have stolen more than 250 gigabytes of data. The District of Columbia's Metropolitan Police Department said in a statement that it had asked the FBI to investigate the "unauthorised access." 

A ransomware group called Babuk is reportedly threatening to release sensitive data on police informants if it is not contacted within three days. The group warns it will start leaking information about police informants to criminal gangs if the police department doesn’t contact it within three days.

Babuk is thought to be a Russian based hacking group previously associated with breaches outside the US that has recently turned its attention to criminal ransom. Ransomware is used to scramble computer networks and steal information. Attackers target organisations with the aim to lock-down their systems and demand large sums of money in return for ending the hack. It is not clear if attackers managed to lock police out of their systems during the breach. 

Screenshots said to have been posted by the group on the dark web and shared on social media appeared to suggest it had gained access to information on criminal gang activity and police intelligence reports. 

"While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter," the statement added, without providing further details of the reported breach." the Washington Police Dept. said in a statement.  

US government agencies have been targeted multiple times so far this year as a the imact of the disastrous SolarWinds breach continues. 

A worsening global epidemic of ransomware attacks is considered a national security threat by many, doing tens of billions of dollars in damage. US law enforcement is relatively powerless to counteract it as most of the criminals enjoy safe harbour in Russia and other nations with weak rule of law.

The Biden administration is attempting to improve the USA’s cyber security defenses, with an executive order expected soon. The Justice Department also recently formed a task force to help defend against ransomware attacks. By identifying ransomware as a priority, the task force will increase training and dedicate more resources to the issue, seek to improve intelligence sharing across the department, and work to identify “links between criminal actors and nation-states,” according to the memorandum.

The Verge:         CTV News:       BBC:      Wall Street Journal:     Sky:      ITPro:

You Might Also Read: 

British Police Launch CyberAlarm:

 

« Facebook And Apple Clash
Risks Of Bias In ‘Emotional AI’ »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSO

CSO

CSO serves enterprise security decision-makers and users with the critical information they need to stay ahead of evolving threats and defend against criminal cyberattacks.

AET Europe

AET Europe

AET Europe is specialised in creating technological solutions for user identification and authentication.

DocAuthority

DocAuthority

DocAuthority automatically discovers and accurately identifies unprotected, sensitive documents, enabling a broad yet business-friendly security policy.

Mnemonica

Mnemonica

Mnemonica specializes in providing data protection system, information security compliance solutions, cloud and managed services.

SkillCube

SkillCube

SkillCube is one of the pioneers in India focusing on Cyber Security Skill Development Solutions.

Standards Council of Canada (SCC)

Standards Council of Canada (SCC)

SCC leads and facilitates the development and use of national and international standards and accreditation services in Canada.

Banshie

Banshie

Banshie is an independent cyber security company with a small team of recognized specialist that are among the best in their field.

Paradyn

Paradyn

Paradyn-managed security services can provide a holistic view of your business environment, no matter how simple or complex it is.

Cymptom

Cymptom

At Cymptom our purpose is to enable security managers to see at a glance all urgently risky gaps  in their organizations’ security posture at any given moment.

Pratum

Pratum

Pratum is an information security services firm that helps clients solve challenges based on risk, not fear.

Cyber Tzar

Cyber Tzar

Cyber Tzar is a new approach at dealing with an old problem; assessing and managing risks to your IT estate.

Appurity

Appurity

Appurity specialises in mobile and application security, delivering comprehensive solutions across all verticals.

ImmuneBytes

ImmuneBytes

ImmuneBytes is a cutting-edge security startup that aims to provide a secure blockchain environment for a dependable and open Web3 ecosystem.

NexusTek

NexusTek

NexusTek is a managed IT services provider with a comprehensive portfolio comprised of end-user services, cloud, infrastructure, cyber security, and IT consulting.

SeQure

SeQure

SeQure is a cutting-edge startup specializing in the development of advanced security infrastructure for artificial intelligence and blockchain.

360 Advanced

360 Advanced

360 Advanced is a relationship-focused cybersecurity and compliance firm offering integrated compliance solutions customized to meet your business’ needs.