Hackers Threaten To Publish Police Informant Data

Washington DC's Metropolitan Police Department has said its computer network has been breached in a targeted cyber-attack, US media report. The cyber criminals posted screenshots on their dark website supporting their claim to have stolen more than 250 gigabytes of data. The District of Columbia's Metropolitan Police Department said in a statement that it had asked the FBI to investigate the "unauthorised access." 

A ransomware group called Babuk is reportedly threatening to release sensitive data on police informants if it is not contacted within three days. The group warns it will start leaking information about police informants to criminal gangs if the police department doesn’t contact it within three days.

Babuk is thought to be a Russian based hacking group previously associated with breaches outside the US that has recently turned its attention to criminal ransom. Ransomware is used to scramble computer networks and steal information. Attackers target organisations with the aim to lock-down their systems and demand large sums of money in return for ending the hack. It is not clear if attackers managed to lock police out of their systems during the breach. 

Screenshots said to have been posted by the group on the dark web and shared on social media appeared to suggest it had gained access to information on criminal gang activity and police intelligence reports. 

"While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter," the statement added, without providing further details of the reported breach." the Washington Police Dept. said in a statement.  

US government agencies have been targeted multiple times so far this year as a the imact of the disastrous SolarWinds breach continues. 

A worsening global epidemic of ransomware attacks is considered a national security threat by many, doing tens of billions of dollars in damage. US law enforcement is relatively powerless to counteract it as most of the criminals enjoy safe harbour in Russia and other nations with weak rule of law.

The Biden administration is attempting to improve the USA’s cyber security defenses, with an executive order expected soon. The Justice Department also recently formed a task force to help defend against ransomware attacks. By identifying ransomware as a priority, the task force will increase training and dedicate more resources to the issue, seek to improve intelligence sharing across the department, and work to identify “links between criminal actors and nation-states,” according to the memorandum.

The Verge:         CTV News:       BBC:      Wall Street Journal:     Sky:      ITPro:

You Might Also Read: 

British Police Launch CyberAlarm:

 

« Facebook And Apple Clash
Risks Of Bias In ‘Emotional AI’ »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ISO Quality Services Ltd

ISO Quality Services Ltd

ISO Quality Services is an independent organisation that specialises in the implementation, certification and continued auditing of ISO and BS EN Management Standards including ISO 27001..

Certification Europe

Certification Europe

Certification Europe (now Amtivo Ireland) is an accredited certification body which provides ISO management system certification, including ISO 27001.

CANVAS Consortium

CANVAS Consortium

The CANVAS Consortium aims to unify technology developers with legal and ethical scholar and social scientists to approach the challenges of cybersecurity.

Decision Group

Decision Group

Decision Group are a Total Solution Supplier offering Network Forensics and Lawful Interception tools.

Uhuru Corp

Uhuru Corp

Uhuru offers a wide variety of IoT products and solutions including enebular® IoT Orchestration Service.

CyVolve

CyVolve

Cyvolve is the next great leap forward in data security, ensuring constant encryption and pervasive control over all your data.

BigPanda

BigPanda

BigPanda is the first provider of Autonomous Operations solutions that empower IT Operations at large, complex enterprises.

Parameter Security

Parameter Security

Parameter Security is a provider of ethical hacking and information security services.

Octo

Octo

Octo, an IBM company, is a technology firm dedicated to solving the Federal Government’s most complex challenges, enabling agencies to jump the technology curve.

Innovex Global

Innovex Global

Innovex is a full-service executive search and advisory business that engages with early-stage startups, scale-ups, and established businesses in the Fintech, Cybersecurity and Technology industries.

MainNerve

MainNerve

MainNerve helps secure networks, applications, people, and facilities… enabling businesses to reduce risk and increase their cybersecurity posture.

HEQA Security

HEQA Security

HEQA Security (formerly QuantLR) offer the world’s most cost-effective, easy-to-integrate, and secure Quantum Key Distribution (QKD) solution

Appalachia Technologies

Appalachia Technologies

Appalachia is a full service Managed Services Provider with a focus on cybersecurity, backed by the best engineers.

Indian Cyber Security Solutions (ICSS)

Indian Cyber Security Solutions (ICSS)

Indian Cyber Security Solutions is an Enterprise Cyber Security Platforms company offering Cyber Security & Technical Education and Compliance & Penetration Testing Services.

ProjectDiscovery

ProjectDiscovery

ProjectDiscovery is an open-source, cybersecurity company that builds a range of software for security engineers and developers.

Zanutix Consulting

Zanutix Consulting

Zanutix specialize in a wide range of services including Network Design and Implementation, Data Management, Cloud Solutions, Software Development and Cybersecurity.