The Metropolitan Police Department (MPD) of the District of Columbia has become the latest high-profile government agency to fall victim to a ransomware attack.
The Babuk Locker gang claimed in a post on the dark web that they had compromised the DC Police’s networks and stolen 250 GB of unencrypted information. Screenshots shared by the group, and seen by The Hacker News, include several folders containing what appear to be investigation reports, arrests, disciplinary actions, and other intelligence briefings.
Also called the DC Police, the MPD is the primary law enforcement agency for the District of Columbia in the U.S.
The ransomware gang has given the department three days to heed their ransom demand or risk the leak of sensitive documents that could expose police informants to criminal gangs.
“Howdy! Even an institution such as DC can be threatened, we have downloaded an adequate quantity of data from your internal networks, and we advise you to contact us as soon as possible, to protect against leakage, if no response is received within 3 days, we will start to contact gangs in order to drain the informants, we will continue to attack the state sector of the usa, fbi csa, we uncover day in advance of you, even more substantial attacks await you soon,” the ransomware group said on their data leak site.
Babuk Locker is a relative newcomer in the ransomware landscape, with the group targeting transportation, healthcare, plastic, electronics, and agricultural sectors across the U.S., U.K., U.A.E., China, India, South Africa, Spain, Germany, and Italy since at least the beginning of 2021. The syndicate is also known for attacking Linux-based systems such as VMware ESXi.
“The Babuk gang highlighted the critical problem that all organizations face when confronting threats, and that is speed,” Cymulate CTO Avihai Ben-Yossef said. “The time it takes for known vulnerabilities to get patched on all systems is far too long. Defenders that rely on manual security testing methodologies are not able to match the pace of threat actors in finding security gaps and fixing them.”