Storage devices containing data from Washington, D.C., police surveillance cameras were infected with ransomware, but the city’s tech department mitigated the situation without paying.
Just eight days before the inauguration, storage devices containing data from Washington, D.C., police surveillance cameras were compromised with ransomware, the city’s tech department confirmed to StateScoop.
The Office of the Chief Technology Officer, led by CTO Archana Vemulapalli, confirmed a story from the Washington Post announcing the attack. Vemulapalli told The Post the city paid no ransom, took the infected devices offline, removed the software and restarted the system at each location. Police cameras were unable to record between Jan. 12 and Jan. 15.
Vemulapalli told The Post that an investigation into who was behind the hack continues, and that the intrusion was “localized” and did not extend to other devices in the city’s environment.
The police department first reported malfunctioning cameras at four sites and reported it to OCTO, which then found two forms of ransomware in the four devices. The discovery prompted a citywide sweep of the network, where Vemulapalli told The Post they found more infected sites. The cyberattack affected 123 of 187 video recorders in a closed-circuit TV system for public spaces across the city, officials told The Post.
The Washington, D.C., ransomware attack is another in a string of attacks on public sector entities. Late last year, attackers used ransomware to compromise the systems of San Francisco’s transit agency — prompting U.S. Sen. Mark Warner, D-Va., to raise concerns about D.C.’s own metropolitan transit agency’s cybersecurity efforts.
Earlier in 2016, a ransomware attack forced a county in Indiana to pay a $21,000 ransom, as well as invest more than $200,000 in beefing up its department and security.
The Multi-State Information Sharing and Analysis Center — which operates out of the Center for Internet Security and is funded by the Department of Homeland Security — reported last year that ransomware is the organization’s “number one type of malware right now."
Contact the reporter who wrote this story at email@example.com and follow him on Twitter @JakeWilliamsDC.