Posted 29 Apr. 2021

Cyber-attack hackers threaten to share US police informant data

By Laurent Halimi

Washington DC's Metropolitan Police Department has said its computer network has been breached in a targeted cyber-attack, US media report.

A ransomware group called Babuk is reportedly threatening to release sensitive data on police informants if it is not contacted within three days.

The FBI is investigating the extent of the breach, US media reported, citing the Washington DC police department.

Ransomware is used to scramble computer networks and steal information.

Attackers target companies or organisations and can lock their systems, then demand large sums of money in return for ending the hack.

On Monday, Washington DC's police department said in a statement that it was "aware of unauthorised access on our server", AP news agency reported.

"While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter," the statement added, without providing further details of the reported breach.

It is not clear if attackers managed to lock police out of their systems during the breach.

Babuk, a Russian-speaking ransomware group that emerged earlier this year, said it had downloaded "a sufficient amount of information" from the police department's internal networks, AP reports.

Screenshots said to have been posted by the group on the dark web and shared on social media appeared to suggest it had gained access to information on criminal gang activity and police intelligence reports.

The head of UK-based cyber-security consultancy Bridewell Consulting, James Smith, said a risk remained for companies and organisations even if a ransom was paid.

"With these types of attacks, the data has probably been stolen already, before it was encrypted, and the likelihood that the data will be sold or stored by the hacker is great," he said in a statement to the BBC.

Earlier this month, Babuk reportedly targeted the Houston Rockets basketball team with ransomware and claimed to have accessed documents including player contracts and financial data.

A spokeswoman for the Houston Rockets, Tracey Hughes, said that while the group had accessed some information, it failed to install its ransomware because of a security system in place.

Last week, a Russian man in the US pleaded guilty to plotting to extort money from the electric car company Tesla. He planned to use ransomware to steal company secrets for extortion, prosecutors said.

According to media reports, US government agencies have been targeted 26 times so far this year.