The Melrose Police Department in Massachusetts fell prey to ransomware that spread was triggered from a malicious email opened by a member of the department. To regain access and control of the files encrypted by the cryptographically-coded ransomware, the Police Department paid one bitcoin in ransom, reports have concerned.
The attack came in the form of a seemingly innocuous email that was sent to the entire department on the evening of February 25, as reported by Melrose Free Press.
Speaking to the publication, Police Department Chief Michael Lyle claimed that one unsuspecting user from within the department opened the email, triggering the payload of the ransomware which proceeded to encrypt files and take control of a program known as TriTech. The software is an essential tool, one that police officers use for computer aided dispatch and as a record management system during patrol. The program also enables law enforcement officers to log incident reports.
With no control and access to the software, the police department worked with Melrose IT director Jorge Pazos to purchase a single bitcoin, the ransom sought by the ransomware operators.
In the meantime, the publication reveals that while Melrose Police did not lose any of the encrypted data, they had to resort to logging entries and incident reports in Microsoft Word documents. Furthermore, Lt. Mark Decroteau of the Melrose Police Dept., revealed that police officers had to resort to “the old fashioned way” in booking those arrested on paper.
Eventually, the Police Department were able to transfer the ransom of one bitcoin to the ransomware hackers, to regain control of the TriTech software on Saturday, February 27.
The incident comes not long after a similar malware infection that saw the systems of an entire Hollywood-based hospital plagued by ransomware. The standoff lasted weeks with the hospital administration seeking the services of a cyber forensics team to try and regain their computer systems.
Several systems including those supporting lab work, the hospital’s pharmacy, the CT scanning department and more were affected. Some patients had to even be transferred and transported to other hospitals as a result of the intrusion.
Eventually, the administration relented after determining that the ransom payment to regain access to the hospital’s encrypted data and files was cheaper than the restoration costs that would be incurred.
The hospital paid a ransom of 40 bitcoins, equivalent to approximately $17,000 at the time.
Another recent similar incident that made headlines was that of extortionists who demanded bitcoins from patrons of a strip club in Switzerland, or face ‘exposure’ with pictures of them visiting the strip club sent to their families.
CCN.com was also at the receiving end of an extortionist demand that sought bitcoins or face DDoS attacks. Bitcoin businesses including exchanges, news outlets and wallet service providers have all been targeted with DDoS attacks followed by predictable bitcoin-seeking ransom demands.
Cybercriminals seeking ransom in Bitcoin is unlikely to go away anytime soon and such criminal activity only serves to hamper bitcoin’s standing as a global, decentralized and an unregulated currency.
Featured image from Shutterstock.
Last modified: May 21, 2020 10:32 AM UTC