EDR that stops cyber-attacks in minutes
May 6, 2021
Sababa cybersecurity contest in Tashkent
September 21, 2021
Washington D.C. Police Department got breached as a result of a ransomware attack. Its stolen data started being released on the dark web, making it the third police force in the United States to be targeted by a ransomware attack in six weeks, according to media reports. The department officially confirmed that it was “aware of unauthorised access” to its server and that FBI is investigating the cybercrime to establish the full impact of the breach.
In a post published on its website, the Russian ransomware group Babuk Locker claimed its responsibility for the leak and stated it had downloaded more than 250 GB of data from the servers, having gained access to administrative files, documents on local gangs, police intelligence reports and much more. The gang was threatening to release information about police informants to criminal gangs unless the ransom is paid, but even after being ready to pay $100 000 to decrypt the data, personal information of some police officers was leaked.
Babuk ransomware was first noticed in the beginning of 2021. It used a strong encryption mechanism, that works swiftly and provides a victim with almost zero chances to recover the files. “Its encryption is crazy-fast with just under 30 seconds to encrypt the C:// drive,” said Chuong Dong, a computer science student at Georgia Tech in his interview to Threatpost.
What can you do to prevent ransomware attacks?
Police and other governmental organizations, often get breached by ransomware attacks, that lead to devastating consequences. But without thinking too big, every small business, midsize company or enterprise with “attractive” critical data is likely to be in the crosshairs of a cybercriminal.
Here are a few tips to dodge the shot:
- Educate your employees. In nine cases out of ten, human error is the cause of data breaches. Investing proactively in cybersecurity awareness will increase your chances of not becoming a victim.
- Continuously monitor your security posture. Its assessment is the first step to understand where your company is in its cybersecurity maturity journey and to identify vulnerabilities that may be potentially exploited.
- Always have an emergency plan ready. The faster your company can detect and respond to data breaches or security incidents, the less chance there is that the attack will have a serious impact on your business. Having an Incident Response plan ready will help you significantly decrease your remediation timetable.
