The Metropolitan Police Department (MPD) of the District of Columbia has become the latest high-profile government agency to fall victim to a ransomware attack.
The Babuk Locker gang claimed in a post on the dark web that they had compromised the DC Police's networks and stolen 250 GB of unencrypted files. Screenshots shared by the group, and viewed by The Hacker News, include a variety of folders containing what appear to be investigation reports, arrests, disciplinary actions, and other intelligence briefings.
Also referred to as the DC Police, the MPD is the primary law enforcement agency for the District of Columbia in the U.S.
The ransomware gang has given the department a few days to heed their ransom demand or risk the leak of sensitive documents that could expose law enforcement informants to criminal gangs.
“Hello! Even an institution such as DC can be threatened, we have downloaded an ample amount of information from your internal networks, and we recommend you to get hold of us as soon as possible, to avoid leakage, if no response is received in 3 days, we will start to speak to gangs in order to drain the informants, we will continue to attack the state sector of the united states, fbi csa, we discover working day ahead of you, even larger attacks await you shortly,” the ransomware group said on their data leak site.
Babuk Locker is a relative newcomer in the ransomware landscape, with the group targeting the transportation, healthcare, plastic, electronics, and agricultural sectors throughout the U.S., U.K., U.A.E., China, India, South Africa, Spain, Germany, and Italy since at least the beginning of 2021. The syndicate is also known for attacking Linux-based systems such as VMware ESXi.
“The Babuk gang highlighted the crucial issue that all organizations face when confronting threats, and that is pace,” Cymulate CTO Avihai Ben-Yossef said. “The time it takes for known vulnerabilities to get patched on all systems is too long. Defenders that rely on manual security testing methodologies are not able to match the pace of threat actors in finding security gaps and correcting them.”