IL Police Meet Ransomware Demands

Wednesday, February 25, 2015 @ 11:02 AM gHale

The standing advice from security professionals is to never pay ransomware demands. That warning obviously fell on deaf ears at a suburban Chicago police department, where officials paid a $500 ransom to restore access to data on a police computer a hacker disabled.

The police department in Midlothian, IL, a village southwest of Chicago, was hit in January by a form of the Cryptoware virus, which encrypted some files on a department computer and left them inaccessible without the encryption key, according to a published report.

Midlothian Police Chief Harold Kaufman confirmed the department had been hacked but declined to comment further. A Chicago Tribune open records request turned up a village invoice listing the payment with the heading “MPD virus.”

An unknown hacker told the department that if it wanted the code to access the files, it had to pay a ransom in bitcoin, said Calvin Harden Jr., an information technology vendor who works with the village.

The village had to make a tough decision, Harden said, and chose to make the payment because going after the hacker might have been more trouble than it was worth.

“Because the backups were also infected, the option was to pay the hacker and get the files unencrypted, which is what we decided to do,” he said.

The problem of hackers demanding ransoms from law enforcement and government agencies around the country has been spreading over the past year or two, said Fred Hayes, president of the Illinois Association of Chiefs of Police. The city of Detroit and a sheriff’s office in Tennessee just suffered through Cryptoware attacks by ransom-seekers.

Hayes said his advice to departments is to back up their data. “This is something that quite a few people recently … have been experiencing,” he said.


