A recent press release by the Cockrell Hill Police Department in Texas revealed that their internal computer system had been infected by the OSIRIS virus and ransomware.
The infection appears to have come into the police department from an email message of ‘unknown origin’ that was spoofing a departmental email address. The ransomware then encrypted MS Office documents and photos on the server, as well as body camera footage going back to 2009. In the press statement they said that they had backups on DVD or printed copies for the majority of the documents, but they admitted that they did not know how much data was lost that could have been used in future or current investigations.
After the ransomware was noticed, the police department was given a link to a website where, on payment of $4000 in bitcoins, they would receive an encryption key. But advice from the FBI cybercrime unit – who are investigating this incident – was not to pay, as it is unlikely that the encryption key would be provided.
It is not thought that any of the data was transmitted outside of the Police department network.
We spoke to a computer security expert about this story and he told us: “What is worrying in this case is that we are dealing with very sensitive information on these networks, it could well have been informants' contact information or evidence in serious criminal investigations that was lost and this should have never been allowed to happen.” He went on to give this technical advice: “With a well configured firewall and email scanning this virus would have probably never even made it past the email gateway. It also seems as though regular backups of data had not been made which would have prevented most if not all of the data loss.”
Whether this ransomware attack was just to extort money from the Police dept or whether it was targeted to try to destroy evidence remains unclear.
You can read the full press release here