Ransom

SpearTip | April 27th, 2021

 

According to The Record, a ransomware group is threatening to leak sensitive police files that may expose police investigations and informants unless the Metropolitan Police Department of the District of Columbia agrees to pay a ransom demand.

Details of Ransom Demand

“We are aware of unauthorized access on our server,” Sean Hickman, a public spokesperson for DC Police, told The Record in an email today after screenshots of the department’s internal files and servers were published on the website of the Babuk Locker ransomware gang.

The screenshots suggested the ransomware group had obtained access to investigation reports, officer disciplinary files, documents on local gangs, mugshots, and administrative files.

In total, the Babuk Locker gang claims it downloaded more than 250 GB of data from DC Police servers.

The group is now giving DC Police officials three days to respond to their demand; otherwise, they say they will contact local gangs and expose police informants.

DC Police officials told The Record they are still investigating the breach to determine its full impact. The department has already engaged the FBI to help with the investigation, Hickman told The Record.

The Babuk Locker gang is one of the newest ransomware groups. The group began operating in January 2021 and has already hit some major companies such as Spanish phone retail chain Phone House and the NBA’s Houston Rockets.

One of the group’s most distinctive features is the ability of its ransomware payload to encrypt files stored on VMware ESXi shared virtual hard drives. It is one of only three ransomware strains, alongside Darkside and RansomExx, that can do this.

Last week, security firm Emsisoft warned that this feature is often buggy and could lead to situations where the ransomware permanently destroys the victim’s files. The Babuk Locker team responded a few days later in a hacking forum post, saying that they had fixed this bug.

This attack’s potential ramifications are the exact reason our team takes so much pride in protecting organizations. We understand how these malicious cyber acts have real-world implications and use our technical abilities to combat threat actors. Don’t hesitate to call our security operations center so we can begin protecting your organization from threats like Babuk.

This is a more intense situation than the usual ransomware attack, but it goes to show the potential impact such attacks can have on an organization in any industry at any level. Our team will continuously monitor environments 24/7 in our US-based Security Operations Center. Our certified engineers work in unison with our proprietary endpoint detection and response tool, ShadowSpear®. This allows your organization to have direct communication with our engineers at any moment and a completely transparent view of your risk profile.

If you think your organization has been breached, call our Security Operations Center at 833.997.7327.
