Ransomware strikes again, Police lose eight years’ worth of case evidence due to attack

Ransomware strikes again, Police lose eight years’ worth of case evidence due to attack

February 01 2017 | Published by Jennifer Bullock | Blog

8 years' worth of digital evidence lost after a police departments server was compromised with Ransomware.

'Oops' doesn’t quite cover it, as body cam footage, dash cam footage, photos and other digitally stored case evidence has been lost in a Ransomware attack on Cockrell Hill Police Department in Dallas.

The instigators of the Ransomware attack are still unknown, however it was carried out in December and had been introduced to the network via a spam email from a cloned, department issued, email address.

When the virus hit the department, the server was immediately disconnected and the FBI cybercrimes unit contacted. The FBI advised that even  if the ransom were to be paid there is a strong possibility the decryption key would not be released and thus the Cockrell Hill Police Department decided against paying the $4,000 demand and instead wiped the server.

Whether this was or was not the right decision can be speculated upon, however, either way, as a result, eight years of data stored on the server was lost. Including case evidence.

There was a press release which read as follows;

"This virus affected all Microsoft Office Suite documents, such as Word documents and Excel files. In addition, all body camera video, some in-car video, some in-house surveillance video, and some photographs that were stored on the server were corrupted and were lost. No information contained in any of those documents, videos, or photographs was extracted or transmitted outside of the Police Department.”

Unfortunately all of the lost files are entirely gone. The automatic back up did not kick in until after the attack so the only files backed up were already infected.

Ransomware has hit hard so far this year, with 123 out of 187 of the Washington D.C's CCTV cameras being wiped out for 48 hours just before Trumps inauguration, with recovery taking 3 days and the NHS targetting continuing to be a problem. 

The cyber criminals initiating these Ransomware attacks are getting more and more inventive with ways to really get companies backs against the walls, they are targeting businesses and departments who are dependent on their data.

However the increase in those choosing to lose their files rather than pay the ransom is slowly on the increase according to latest stories.

Could you as a company afford to adhere to a ransom demand or lose an entire servers worth of data?

Times are tight and data is precious, so we may have the answer for you. Whether your preference is a cloud based solution or on premise, we've got options. Sophos EXP and Intercept X offer industry leading Ransomware answers.

Want to find out more and avoid a painful, expensive and unnecessary decision? Give us a call on 01284 788900. 

From: Police lost 8 years of evidence in ransomware attack

Police in Cockrell Hill, a community in southwest Dallas, admitted to losing digital evidence from as far back as 2009 after the department’s server was compromised with ransomware. Cockrell Hill Police Department Chief Stephen Barlag said, “As a result, all bodycam video, some photos, some in-car video, and some police department surveillance video were lost.”


Read Full Article