Massachusetts Police Department Pays CryptoLocker Ransom

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

The Herald News reports that Massachusetts' Swansea Police Department paid a 2 Bitcoin (currently more than $1,000) ransom to decrypt images and Word documents encrypted by CryptoLocker ransomware on November 10, 2013 (h/t Sophos).

"It was an education for [those who] had to deal with it. ... [The virus] is so complicated and successful that you have to buy these Bitcoins, which we had never heard of," Swansea Police Lt. Gregory Ryan told the Herald News.

Still, Ryan insisted that no files were lost, saying, "We were never compromised."

Tripwire security researcher Ken Westin said in a statement, "Essentially the police in Swansea, Massachusetts have negotiated with terrorists. I’ve done a lot of work with law enforcement agency security and, unfortunately, police departments tend to be among the worst at cyber security. Law enforcement is one of the most insecure areas of local governments because there is a lack of training in new technology and it is difficult to get them to adopt new processes."

And as Sophos' John Hawes notes, any files that are valuable enough that they're worth paying a ransom for should be backed up on a regular basis, so they can be retrieved even if local copies are destroyed by CryptoLocker or any other virus.