Security News > 2021 > April > DC Police Department Hit by Apparent Extortion Attack
The Washington, D.C., police department said Monday that its computer network was breached, and a Russian-speaking ransomware syndicate claimed to have stolen sensitive data, including on informants, that it threatened to share with local criminal gangs unless police paid an unspecified ransom.
The District of Columbia's Metropolitan Police Department said in a statement that it had asked the FBI to investigate the "Unauthorized access." There was no indication that any police operations were affected, and the department did not immediately say whether it had been hit by ransomware.
The Babuk group, a relatively new ransomware gang, said on its website that it had "Downloaded a sufficient amount of information from your internal networks" and gave the police three days to contact it or "We will start to contact gangs in order to drain the informants."
Such documents generally include instructions on how to contact the ransomware criminals, whose standard operating procedure is to exfiltrate sensitive data from networks they infiltrate as they sow malware that, once activated, encrypts data.
So far this year, 26 government agencies in the U.S. have been hit by ransomware, with cybercriminals releasing online data stolen from 16 of them, said ransomware analyst Brett Callow of the cybersecurity firm Emsisoft.
The D.C. police department said it was taking the threat seriously.