Maggie Gile
NEWSWEEK
A Russian-speaking ransomware syndicate that stole data from the Washington, D.C., police department said it rejected an initial offer of a $100,000 payment and that if more money is not offered, it will release sensitive information that could put lives at risk, the Associated Press reported.
© Alex Brandon/Associated Press FILE - In this April 2, 2021, file photo, Washington Metropolitan Police Department chief Robert Contee speaks during a news conference in Washington. Political hand-wringing in Washington over Russia's hacking of federal agencies and meddling in U.S. politics has mostly overshadowed a worsening digital scourge with a far broader wallop: crippling and dispiriting extortionary ransomware attacks by cybercriminal mafias. All the while, ransomware gangsters have become more brazen and cocky as they put more and more lives and livelihoods at risk. This week, one syndicate threatened to make available to local criminal gangs data they say they stole from the Washington, D.C., metro police on informants.
The Babuk group said on its website late Monday that it would release "all the data" if the D.C. police didn't "raise the price."
"The negotiations reached a dead end, the amount we were offered does not suit us," the group said.
A day after the initial threat, the gang leaked personal information of some police officers taken from background checks, including details of officers' past drug use, finances and of past sexual abuse.
For more reporting from the Associated Press, see below.
The extortion threat comes amid a separate ransomware attack on the Colonial Pipeline that's affected part of the nation's fuel supply, highlighting the power of internet-savvy criminal gangs to sow mayhem from a half a world away with impunity.
D.C. police did not immediately comment and has not said whether it's negotiated any possible payment.
On Tuesday, the gang released screenshots that appear to be negotiations with the department. They show the gang asked for $4 million and received a counter-offer of $100,000. The authenticity of the screenshots could not be independently confirmed.
If true, it's an example how complex the ransomware problem is when even police find themselves forced to consider making payments to criminal gangs.
Late last month, the group said it had hacked into the network of the city's police department and threatened to leak the identities of confidential informants unless an unspecified ransom was paid. Experts said such a release could endanger the lives of the informants.
Babuk leaked similar background files on Monday with its threat to release more, said Brett Callow, a threat analyst and ransomware expert at the security firm Emsisoft.
"This is far worse than any hack of other police departments previously," Callow said, adding that he's never seen a law enforcement agency pay a ransom before.
Ransomware gangs have been leaking sensitive data from victims for well over a year, but experts said they've not seen such aggressive new tactics used before against police departments. The cybercriminal mafias mostly operate in foreign safe havens out of the reach of Western law enforcement.
The average ransom payments last year were $310,000, up 171% from 2019, according to Palo Alto Networks.
Related Articles
Gab CEO Andrew Torba Condemns Threats of Violence Against Social Network's Hackers
What is DarkSide? Russia-Linked Hacker Group Behind Colonial Pipeline Shutdown
Gas Shortages, Long Lines Across Southeast After Colonial Pipeline Cyberattack
Russian Ransomware Group Claims Credit for Cyber Attack on D.C. Metro Police
The Babuk group said on its website late Monday that it would release "all the data" if the D.C. police didn't "raise the price."
"The negotiations reached a dead end, the amount we were offered does not suit us," the group said.
A day after the initial threat, the gang leaked personal information of some police officers taken from background checks, including details of officers' past drug use, finances and of past sexual abuse.
For more reporting from the Associated Press, see below.
The extortion threat comes amid a separate ransomware attack on the Colonial Pipeline that's affected part of the nation's fuel supply, highlighting the power of internet-savvy criminal gangs to sow mayhem from a half a world away with impunity.
D.C. police did not immediately comment and has not said whether it's negotiated any possible payment.
On Tuesday, the gang released screenshots that appear to be negotiations with the department. They show the gang asked for $4 million and received a counter-offer of $100,000. The authenticity of the screenshots could not be independently confirmed.
If true, it's an example how complex the ransomware problem is when even police find themselves forced to consider making payments to criminal gangs.
Late last month, the group said it had hacked into the network of the city's police department and threatened to leak the identities of confidential informants unless an unspecified ransom was paid. Experts said such a release could endanger the lives of the informants.
Babuk leaked similar background files on Monday with its threat to release more, said Brett Callow, a threat analyst and ransomware expert at the security firm Emsisoft.
"This is far worse than any hack of other police departments previously," Callow said, adding that he's never seen a law enforcement agency pay a ransom before.
Ransomware gangs have been leaking sensitive data from victims for well over a year, but experts said they've not seen such aggressive new tactics used before against police departments. The cybercriminal mafias mostly operate in foreign safe havens out of the reach of Western law enforcement.
The average ransom payments last year were $310,000, up 171% from 2019, according to Palo Alto Networks.
Related Articles
Gab CEO Andrew Torba Condemns Threats of Violence Against Social Network's Hackers
What is DarkSide? Russia-Linked Hacker Group Behind Colonial Pipeline Shutdown
Gas Shortages, Long Lines Across Southeast After Colonial Pipeline Cyberattack
Russian Ransomware Group Claims Credit for Cyber Attack on D.C. Metro Police
No comments:
Post a Comment