“You’re infected—If you want to see your data again, pay us $500 in Bitcoins!” says the message on your computer screen. Imagine how a Chicago Police Department employee felt upon receiving such a message. Not a good way to start the day.
In a recent Chicago Tribune article, Gregory Pratt revealed the following details regarding the Department’s incident:
A south suburban police department [Midlothian] paid a $500 ransom to an unidentified hacker to regain access to data from a police computer the hacker managed to disable, records show. Midlothian in January was hit with a form of computer virus called Cryptoware, said Calvin Harden Jr., an IT vendor who works with the village.
The hacker demanded payment through bitcoin, a digital currency often used by individuals engaging in sophisticated or sometimes illegal activities on the Internet.
Midlothian Police Chief Harold Kaufman confirmed that the department had been hacked but otherwise declined to comment. Neither Kaufman, Midlothian’s mayor, nor the village clerk returned further messages asking whether the village would pursue the hacker, but Harden said he believed officials would do so. An FBI spokeswoman wouldn’t confirm whether the village made the FBI aware of the incident.
Village officials released a copy of the town’s invoice in response to an open records request by the Tribune. The invoice, “for MPD virus,” shows the village sent a $606 money order to a bitcoin cafe in New York to transmit the money to the hacker. The payment included bank fees and surcharges.
The village had to make a difficult decision whether to comply with the demand, Harden said, and chose to because a pursuit of the hacker might have been more trouble than it’s worth.
“Because the backups were also infected, the option was to pay the hacker and get the files unencrypted,” Harden said, “which is what we decided to do.”
For more information about the Midlothian Cryptoware compromise, read the full article.