U.S. Police Departments Become Frequent Victims of Ransomware Hackers

A couple of months ago the Police Department in Azusa, California was attacked by the operators of the DoppelPaymer ransomware, who infiltrated the computers of the small police department and gained access to critical information and then demanded a ransom payment.

The attack was kept secret for the next few weeks, and was only notified to a specialized unit of the Federal Bureau of Investigation (FBI) and a cybersecurity firm. The police department decided, on the advice of experts, not to pay the ransom and try to recover the affected systems on its own, which led to the online leak of the compromised information.

After the leak, the organization eventually decided to reveal the incident and the potential risks arising from the leak, which could affect all police members in the small town, in addition to affecting those involved in some active criminal cases.

In a brief press release, the Azusa Police Department announced what it identified as a “data security breach stemming from a sophisticated ransomware attack.” Authorities said some personal records were compromised during the incident, including Social Security numbers, driver’s licenses, medical records and financial records, among other data.  Affected users have not been notified directly by authorities, although the Police Department offered “special follow-up” to those whose confidential information was affected.

Moreover, earlier this week it was confirmed that attackers leaked around 7 GB of sensitive information extracted from Azusa’s systems. These records are still available on the dark web and have been searched around 11 thousand times since the end of April.

Azusa is one of multiple law enforcement agencies in the U.S. that has become a victim of a recent wave of ransomware attacks. Earlier, the Illinois attorney general’s office and police in Presque Isle, Maine were compromised by a similar incident in which threat actors demanded a ransom of close to $4 million USD.

The Azusa Police Department has yet to reveal further details of the incident, such as the ransom amount demanded by the hackers. A recent FBI report notes that cyberattacks operated by DoppelPaymer usually involve six-figure ransoms, and hackers often resort to phone and SMS intimidation tactics to force ransom payments.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.