Police PCs are infected by malware, files are encrypted and ransom is requested

ByRicardo Alguacil

Infect malware as a smart phone application, lock it so you can not operate the iPhoneCase requiring ransomAnd Android smartphone photos and moviesMalware that demands ransomThere are damage such as being discovered, but in America ·New Hampshire State DurhamIn the police, there was a case that the PC used for business was infected with malware, data of all PCs were locked and ransom was requested.

Virus Infects Police Computer System In Durham NH «CBS Boston

Cryptowall attacks Durham police files | SeacoastOnline.com

The attacker was a business PC that was connected to the network inside the police and received consultation mail etc from the residents, the case occurred around 10 pm on June 5, 2014. When the official read the mail arriving at the mail address of the Durham police station and opened the attached file, the data stored on the PC was encrypted and it became impossible to operate it. And in a short time until the next morning, the damage to the PC connected to the network inside the department was expanded, which led to a situation in which the business network was almost in a stopped state.

Tod Selig, executive officer of Durham, said, "There are many consultation emails from the residents to the police, so the images attached to such e-mails can be made on the road taken to consult the damage It is also common that it is a photograph of a sunken hole, "he says about the difficulty of making a decision.

The malware used for this attackCryptowallIt encrypts the data in the infected PC and restores the data to 500 to 1000 dollars (about 50,000 yen to 100,000 yen) ransom to a prescribed account etc. It is something to transfer. Even in the case of Durham police, the screen was displayed in such a case, but the Durham police could not obey the instructions, of course, the restoration work will be carried out by the IT engineer in the department It was. It removes malware by isolating the infected PC from the network, and recovery of data is proceeding from the backup file created every day. As a result of the investigation, the damaged infection was document data such as the mail system in the office and Word and Excel, and there was no damage to important data like a crime record.


Mr. Selig said about the importance of backup "As you can see from this example, it is very important to back up, our work is to see the best results with the worst situation in mind, Even if the worst happens, we have countermeasures against it. "

In order to protect yourself from the damage of this hand, keep security software always up to date, temporarily isolate the PC in case of infection, to prevent the spread of damage, and prepare for such a case It seems to be said that the most reliable method is to continue the basic measures of keeping backing up as often as possible as much as possible.

ByKris krüg

in Note,   Software,   Web Service, Posted by darkhorse_log