Threat Watch

Babuk Extorts DC Police Department

The Metropolitan Police Department has confirmed that they were the victim of a cyberattack after the Babuk ransomware group posted screenshots and threatened to leak more than 250 gigabytes of stolen data online. When contacted by BleepingComputer, the department said:

“We are aware of unauthorized access on our server. While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter.”

As with each post Babuk makes public, several screenshots are listed as “proof” that the group has stolen data from the victim. One of the screenshots shows the names of several folders related to ongoing cases with the department, including arrests related to the riots on January 6th at the Capitol Building.

ANALYST NOTES

Binary Defense highly recommends reading and implementing the steps from the CISA (Cybersecurity & Infrastructure Security Agency) and NCSC (National Cyber Security Centre) ransomware guides. The guides contain detailed information that any organization can use, describing how to back up and protect data, create incident response plans and more.

Source: https://www.bleepingcomputer.com/news/security/dc-police-confirms-cyberattack-after-ransomware-gang-leaks-data/