Ransomware Encrypted Police Camera Systems in US Capital
Between January 12 and January 15, a malware infection with ransomware caused a large part of the police camera systems of the American city of Washington DC to be encrypted. It concerned the systems that are responsible for the storage of the camera images.
City officials told The Washington Post that 123 of the total 187 systems were infected, or about 65 percent. As a result, it was not possible to record camera images in the week before the inauguration of US President Donald Trump. According to a spokesperson, public safety was not endangered by the incident and it did not affect ongoing investigations. It is unclear who is responsible for the infection, although the newspaper writes that it was an extortion attempt.
It is unknown what kind of ransomware was used. The newspaper only writes that there are two variants. Municipal employees were able to clean up the infection by reinstalling the systems. No ransom would have been paid for decryption. The malware was only present on the systems that provide the storage for public cameras and has not penetrated any other systems. Some ransomware variants actively search for network drives to spread further.
Ransomware has already caused problems in an American city when criminals infected the systems of the transportation companies of San Francisco with the HDDCryptor variant. They then demanded 100 bitcoins for decryption, which amounted to about 68,500 euros at the time. As a result of the encrypted systems, travelers could temporarily use public transport for free.