The District of Columbia’s Metropolitan Police Department said in a statement Monday that its computer network was allegedly breached by a Russian-speaking syndicate known as Babuk Ransomware Group, which now seeks payment for the stolen data.
According to Fox News, the stolen information includes sensitive data on informants, material the hackers threatened to provide to local gangs unless law enforcement paid an undisclosed ransom.
After taking credit for the breach, the hacker group posted screenshots on their dark web site and claimed to have stolen over 250 gigabytes of data, including intelligence reports, information on gang conflicts, the jail census and other administrative files.
“We will not comment this time: Even such an organization has huge security gaps, we advise them to get in touch as soon as possible and pay us, otherwise we will publish this data,” the hacker group allegedly stated in a screenshot on their website.
“Babuk Ransomware Group has breached [DC Police Department]. Extortion demand has not been stated. Some data has already been leaked online – images shown are of police reports, FBI arrest details, internal memos, and more,” vx-underground tweeted, along with the images.
The screenshots were shared on Twitter by vx-underground, the self-proclaimed “largest collection of malware source code, samples, and papers on the internet.”
The hacker group later updated their statement on the breach, saying, “Hello! Even an institution such as DC can be threatened, we have downloaded a sufficient amount of information from your internal networks, and we advise you to contact us as soon as possible, to prevent leakage.”
“If no response is received within three days, we will start to contact gangs in order to drain the informants, we will continue to attack the state sector of the usa, fbi, csa, we find 0 day before you, even larger attacks await you soon,” it continued.
The D.C. police department said the threat was being taken seriously.
“We are aware of unauthorized access on our server. While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter,” the department statement said.
According to Cyberint, a global threat intelligence firm, Babuk is known for stealing, encrypting and leaking data for extortion purposes and seeks payments in Bitcoin.
“Based on observations throughout January, Babuk appears to be an actively developed threat, likely set to be further fueled by profits made from their nefarious campaigns,” Cyberint said.
Rob Pritchard, the founder of CyberSecurityExpert.com, said ransomware attacks have started to increase in recent years, targeting hospitals and other multinational corporations.
“It’s modern organized crime effectively, operating multi-nationally and often out of jurisdictions that offer a degree of protection from international law enforcement operations either due to inability, indifference or corruption,” he told NPR.