Russian ransomware attack against Washington DC police

The Babuk attack syndicate took responsibility for the breach of the police servers and started to publish data on arrests, conflicts between criminals, informants and more on the dark web  

A patrol car of the Metropolitan Police of Washington, D.C. Photo: REUTERS/Graeme Solan/Sipa USA 

The Metropolitan Police of Washington, D.C. fell victim to a ransomware attack, and classified files appeared on the dark web site of the Babuk attack syndicate, a relatively new Russian-speaking group. The New York Times reported that it was the third cyberattack against a U.S. police department in the last six weeks, following ones against local stations in Maine and California.  

The Babuk hacking group, which also took responsibility for the attack against the NBA's Houston Rockets earlier this month, operates by holding its victims' data hostage until a ransom is paid, mostly via Bitcoin. According to the report, Babuk threatened to leak data on police informants, arrest reports, conflicts between criminals and wanted lists within three days unless its ransom demand is met. It is therefore possible that the attack was carried out a number of days ago and only came to light now.

AP provided details on the worrying ransomware situation in the U.S. Since the beginning of the year, 26 government agencies have been hit by ransomware, and 16 of them had their data not only held hostage but also leaked online. There are about 27 active attack groups.

"We are aware of unauthorized access on our server," the capital's police said. "While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter." Last week, the U.S. Justice Department set up a special task force to fight ransomware attacks.