The Washington, DC, DC Police Department (MPD) has confirmed that its servers have been compromised after hackers began leaking its data over the Internet. The administration confirmed in a statement that it was aware of the unauthorized access to its server, and said: It is working with the FBI to investigate the incident. The hacked data appears to include details of the arrests and the people involved. The attack is believed to be the work of the Babuk group, known for its ransomware attacks.
Reports said the group released screenshots of 250GB of stolen data from a primary law enforcement agency in Washington, DC.
One of the files appears to relate to the arrests that took place in the aftermath of the January Capitol riots. The group warns that it will start leaking information about police informants to criminal gangs if the police department does not contact them within three days.
The Washington Police Force, called the Metropolitan Police Department, is the third police department to be targeted in the past two months, according to the New York Times, following attacks by separate groups against departments in Maine, Pennsylvania, and California. It is believed that the outdated software and systems used by many police departments make them more vulnerable to such attacks. The targeting of police stations is also believed to be part of a broader trend of attacks targeting government agencies, and 26 agencies have been subjected to ransom demand attacks this year alone.
The Justice Department reported that the average ransom request grew to more than $ 100,000 as attacks escalated during the pandemic. The Biden administration is trying to improve the cybersecurity defenses of the United States, and an Executive Order is expected soon. The Department of Justice also recently formed a task force to help defend against ransomware attacks, the Wall Street Journal reports.
The Acting Deputy Attorney General who oversees the task force, 2020 was the worst year on record by all accounts when it came to ransomware attacks and related extortion incidents, and if we don't stop it, the problem gets worse.