Russian hackers target US police in apparent ransomware attack

Russian hackers breached the Washington DC police department’s database and have threatened to share information with criminal gangs unless it pays an unspecified ransom.

A Russian-speaking ransomware syndicate has claimed to have stolen sensitive data, including on informants, the police force said.

The cybercriminals posted screenshots on their dark web site supporting their claim to have stolen more than 250 gigabytes of data.

Details of the hack were revealed on Monday by the DC police department, which has asked the FBI to investigate the “unauthorised access” to its computer network.

There was no indication that any police operations were affected, and the force did not immediately say whether it had been hit by ransomware.

The Babuk group, a relatively new ransomware gang, said on its website that it had “downloaded a sufficient amount of information” from the database.

The group gave DC police three days to contact it, saying it would otherwise “start to contact gangs in order to drain the informants”.

Screenshots it posted online suggested it has data from at least four computers, including intelligence reports, information on gang conflicts, the jail census and other administrative files.

The Washington DC police department said it was taking the threat seriously.

It said in a statement: “We are aware of unauthorised access on our server. While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter.”

One of the images posted on the internet by the hackers showed a text document on one computer called “How To Restore Your Files”.

Such documents generally include instructions on how to contact the ransomware criminals. Only after the ransom demanded is paid do they provide software keys to unscramble the stolen data encrypted with malware.

So far this year, 26 government agencies in the US have been hit by ransomware, with cybercriminals releasing online data stolen from 16 of them, according to ransomware analyst Brett Callow, of the cybersecurity firm Emsisoft.

US ‘prepared to take further action’ against Russia

Last week US President Joe Biden imposed new sanctions on the Russian government and expelled 10 diplomats in retaliation for hacking and election interference.

The move represented the first retaliatory measures announced against the Kremlin over allegations of both interference in last year’s presidential election and the hacking of federal agencies, familiarly known as the SolarWinds breach.

In addition, the US Department of Justice announced it has formed a special unit to tackle growing ransomware attacks on critical organisations.

Mark Gibson

Graduated from Northwestern University, Evanston, Illinois, in 1990. Moved to Los Angeles, California, in 2004. Specialized in Internet journalism.
