Cyber criminals have started targeting government law enforcement with ransomware in an attempt to extort money. Recently, the police department of the village of Midlothian in Illinois paid a ransom of over $600 in Bitcoins to an unknown hacker after being hit by a popular ransomware attack.
The popular ransomware, dubbed Cryptoware, disabled a police computer in Midlothian — located south of Chicago — by encrypting its files and making them inaccessible, which forced the department to pay a ransom in order to restore access to important police records.
The Chicago Tribune reported that the department first encountered Cryptoware in January, when someone in the department opened a spear-phishing email that pointed to the malicious software.
Once the email is opened, the Cryptoware ransomware immediately encrypts the files on the computer and, in typical ransomware style, displays a message demanding money in exchange for a decryption code that could free the device from Cryptoware.
Midlothian Police Chief Harold Kaufman confirmed the police department had been hacked, but declined further comment. Local IT professionals gave assurances that the hacker didn't get access to files in the police department's database; rather, the Cryptoware program only made certain documents inaccessible.
"It didn't encrypt everything in the police department. It was just that computer and specific files, not the entire system," Calvin Harden Jr., an IT vendor who works with the village and the police on overcoming this threat, told the Tribune.
Cybersecurity experts recommend business users routinely back up their data, but, according to Harden, the police officials were forced to make the payment because going after the hacker might have been more trouble than it was worth.
"Because the backups were also infected, the option was to pay the hacker and get the files unencrypted, which is what we decided to do," Harden told the newspaper.
This isn't the first time hackers have targeted a government agency. In November 2013, cyber criminals managed to encrypt the database of Massachusetts' Swansea Police Department with CryptoLocker ransomware, forcing the department to pay $750 to restore its files.
Midlothian follows the city of Detroit and a sheriff's office in Tennessee as Cryptoware victims within the last year. Forcing victims to pay via Bitcoin gives the hackers an easy method to collect money and move on to future victims with little to no digital footprint.
Law enforcement has succeeded in reducing various ransomware attacks, but with the discovery of 2.0 versions, ransomware has even made its way onto mobile devices.
Previously known and popular ransomware families are as follows:
CryptoLocker
Cryptowall
PrisonLocker
And now Cryptoware is a real threat to online users.
The best defense against ransomware is creating awareness within the organization and at home, as well as maintaining backups that are rotated regularly. Ensure that your systems are running the latest version of antivirus software with up-to-date malware definitions.