DC Police Department Rocked By Ransomware Attack, Hackers Threaten Massive Data Dump

Police Car
The same group of hackers that hit the NBA's Houston Rockets basketball team with a ransomware attack earlier this month has now turned its sights on the police force in Washington, D.C. It is the latest in a string of concerning ransomware attacks aimed at police over the past several weeks, where data leaks can put people's lives in danger.

More than just a potentially embarrassing situation, in which private information could be revealed to the public, unscrupulous hackers are also threatening to reveal the identity of police informants to gangs, according to a post on the dark web viewed by The New York Times. In such a scenario, a data dump could conceivably result in actual bodily harm, and even death.

The group calls itself Babuk, and it seems to specialize in ransomware attacks. That's when a hacker or collection of hackers breach a system and either steal confidential data and threaten to leak it, or encrypt the data on a victim's PC or network (or both). They demand a ransom, usually in Bitcoin, in exchange for a decryption key and in exchange for not posting the stolen data online.

According to the dark web post, Babuk possess 250 gigabytes of data stolen from the Washington, D.C. police department. The group is threatening to dump the data online for all to see if a ransom is not paid in three days. In addition, the group said it will carry out more attacks on the state sector, which includes the FBI and Homeland Security.

This is a concerning trend. Last week, for example, hackers attempted to extort $50 million from Quanta after allegedly stealing schematics for unreleased Apple products. According to NYT, over two dozen government agencies have fallen victim to ransomware attacks since the beginning of the year. That includes three police departments in the past six weeks alone. Some police departments run very old software on data systems, making them especially susceptible to hacking efforts.

A spokesperson for the police department in Washington, D.C. said the agency is aware of "unauthorized access on our server" and has brought the FBI in to help investigate the situation, though it is not clear if the hackers managed to encrypt their data.

The growing threat of ransomware has caught the attention of the Biden administration, which is preparing an executive order aimed at curtailing these types of cyber attacks.