Police Department Pays Cybercriminals Following Ransomware Infection

The Tewksbury, Massachusetts Police Department recently paid a $500 ransom to decrypt its files following an infection with KEYHolder ransomware, according to the Boston Globe.

After having trouble calling up arrest and incident records, the police department received a message stating, “Your personal files are encrypted. File decryption costs $500. If you really value your data, then we suggest you do not waste valuable searching for other solutions because they do not exist.”

Two private cyber security firms and federal and state law enforcement specialists were all unable to decrypt the files. After trying for five days to solve the problem, the police department decided to pay the fine.

As the Boston Globe notes, several other police departments have made the same decision — the Swansea, Massachusetts Police Department paid over $750 to decrypt its files in November 2013; the Dickson County, Tennessee Sheriff’s Office paid $572 to decrypt its files in October 2014; and the Midlothian, Illinois Police Department paid $500 to decrypt its files in January 2015.

According to a recent ThreatTrack Security survey of 250 cyber security professionals entitled “Negotiating with Cybercriminals,” 30 percent of IT security pros recommend negotiating with cybercriminals to restore stolen or encrypted data.

Among organizations that have already been hit by such attacks, that figure rises to 55 percent.

Fully 43 percent of respondents at organizations that had already been attacked said companies should set aside funds for negotiating with cybercriminals who steal or encrypt their data.

And 59 percent of respondents said cyber security insurance firms should offer policies that provide companies with a third party to negotiate on their behalf for the return of their data.

Sixty-six percent of respondents said they would worry about a negative reaction from customers and employees if they learned that their company had chosen not to negotiate with cybercriminals following a breach.

When asked if their organizations were likely targets of cybercrime extortion, 74 percent of respondents said yes.

“While revulsion to negotiating with cybercriminals is predominant in the cybersecurity industry, one-third of its members believe recovering stolen or encrypted data trumps principle,” the report states. “More are likely to take that stance should the number of successful targets continue to increase.”

A recent KnowBe4 survey of more than 300 IT professionals found that 88 percent of respondents said security awareness training provides the most effective protection from ransomware.

Jeff Goldman
Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.

Top Products

Related articles