back to article Washington DC police force confirms data breach after ransomware upstart Babuk posts trophies to Tor blog

Ransomware criminals have posted trophy pictures on their Tor blog after attacking the police force for US capital Washington DC. The Metropolitan Police Department said it was "aware of unauthorised access on our server" and had engaged the FBI to investigate, according to BleepingComputer. Babuk, a relatively new ransomware …

  1. Prst. V.Jeltz Silver badge

    fails to check that files are indeed encrypted before running the decryption algorithm on them – meaning formerly OK files end up being scrambled.

    That seems like two very trivial and very easy to fix problems right there.

  2. FlamingDeath Silver badge

    Move along, nothing to see here

    Just another case of an organisation enjoying the fruits of modern technology without paying for its cost of ownership

    I'm almost getting bored of this ransomware nugget.

    You know, cars are dangerous. We force people to pass a test and have a license before allowing them into the public domain

    You know, computers are dangerous too, yet we allow any old cunt with podgy fingers use them, where their ignorance and stupidity can cause harm

    A bit like someone in a car killing someone else, because they didnt know what the brake pedal was for

    A bit like someone using an email client and responding to people in their spam folder, because they didn't understand the spam folder

    What's the answer here? Pay CEO's or similar more money perhaps? They're ultimatey the ones leading here. Let these talented individuals on silly money, sort it out.

    I don't know about many other IT peeps here, but how often do you have your authority overridden by some cunt upstairs?

    1. Short Fat Bald Hairy Man

      Re: Move along, nothing to see here

      >> I don't know about many other IT peeps here, but how often do you have your authority overridden by some cunt upstairs?

      Just, ALL THE FUCKING TIME. Am I happy to be not in that position anymore!

    2. big_D Silver badge

      Re: Move along, nothing to see here

      It is more like driving on snow, you put snow tyres on and you have done an advanced driving course, but some b* shoots your tyres out as you drive around the corner...

      Fully patched and "best practices" secure systems can still get caught out - just look at Solar Winds customers or the Exchange zero days last month. You have done everything to ensure your system is secure, but you are still vulnerable.

      Yes, there are millions who don't take care of their systems and do the equivalent of driving around on bald tyres and worn out brake pads, but even those that are fully secured can still have accidents.

  3. FlamingDeath Silver badge

    "He added that Mimecast research showed around half of all ransomware victims paid up."

    We shouldn't be surprised by this

    Organisations, or more precisely, the lumps of flesh shaped like humans who lead these organisations, they like money.

    They simply see it as an operational cost that "might" occur, whereas paying for cyber compliancy training and or a sufficiently staffed IT ship, is a cost that is guaranteed.

    Business people are the worst people to be making these kinds of decisions

    1. Eclectic Man Silver badge

      Half of all victims

      It would be interesting to know the size of the ransoms paid. If an individual with one PC pays up to preserve the photos of their loved ones, personal accounts etc. with say US$100 that is one thing. If a corporation with 5k PCs and mainframe etc pays up US$100 per machine (or however it works) that is quite another. I would expect that the larger corporations would have better backup restore management, but for the ones that don't the ransom would be quite a lot.

    2. big_D Silver badge

      You mean, if those companies had paid up for security software, like implementing Solar Winds, they wouldn't be affected? Oh, wait.

      Well, as long as they are using Cisco firewalls then... Oh, wait.

      And their Exchange was fully patched before March... Oh, wait.

      Even paying out for cybersecurity and training doesn't always help.

  4. mark l 2 Silver badge

    Police computers that hold information about active investigations should be air gapped and never be connected to the internet. I hope whoever allowed that to happen is immediately suspended from their job and is should charged with criminal negligence. As it could potentially put witnesses or investigating offices in risk of their lives and allow serious criminals to evade prosecution.

    1. Potemkine! Silver badge

      Theory vs Practice

      Air gaped? But... but... but... everything runs in the clouds nowadays.

    2. tip pc Silver badge

      @mark, I’d love to know your definition of air gapped.

      I suspect those machines where nowhere near an internet connection.

      Air gapped normally means not connected to anything unrelated.

      In the dim distant past the cjx offered secure internet access at horrendous costs, it was far cheaper for connected agencies to provide their own internet access and add the necessary compensating controls. Not all systems must or should be air gapped, for some it should be mandatory though.

    3. Dave 15

      I guess leaking details of investigations makes a change from shooting those with the wrong skin colour l

  5. Potemkine! Silver badge


    Would this problem exist without cryptocurrency, or at least be so prevalent?

    1. Claptrap314 Silver badge

      Re: Ransomware

      You could manage something similar with burner credit cards, I suspect. There are LOTs of ways to wash funds, once they are in the system.

      But the tech for coin is pretty much same tech that enables TLS. And I'm pretty sure was discussed before https was first implemented. Once the idea was out, it was going to happen.

  6. Cynicalmark

    Nothing new

    This is nothing new, lessons should have been learned and systems of backup and security of all machines followed post education of all users.

    Back in the real world the words ‘how much?’ Ring true in every management level craving the next bonus for shaving a budget. Some snotty kid replacing experienced tech support who is a nephew of some accounts director with a grudge without a clue about security, just playing games all day. Management who you warned for seven long tedious years to not use the same password for everything and everyone so they can access everything without having to remember a list of passwords. Morons who tell you to stop the password updates and moan about costs while shoving a clown from Micro$ft into your face to discuss cloud storage only to balk at the per Gb cost yet again.

    Don’t even mention the passwords scrawled in sharpie on the monitor edge. Pizza guy, delivery person walking by. Even companies vying for business can see some walking through. Is it any wonder I lost hair.

    Christ, we have all been through this in a medium sized outfit trying to play with the big boys. They spend it all on image and shiny things but you mention security of systems and they say we will discuss it at board level and fob you off.

    They all get what they deserve. I write books now, a lot less stressful.

  7. Dave 15

    And yet

    Company after company demands to have and to store loads of information about its customers on databases coupled to the front ends they provide. Weak design and data they don't need and shouldn't have

  8. Tempest

    Yet Another Case of Closing the Stable Door After the Horse has Bolted

    The US reckons it leads the world in security. B.S.

    Once again US security has been proved to be as tight as a vegetable cullender notwithstanding it spend trillions of dollars on digital security.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like