Tag Archive for: police

Ransomware group threatens to leak Stanford police data

/in


Notorious ransomware gang ‘Akira’ listed Stanford University on the darknet as the target of a ransomware attack on Friday morning. Screenshots of the listing were shared on other parts of the internet, including the r/stanford subreddit and on X (formerly Twitter) by cyber risk analyst Brett Callow. 

University spokesperson Luisa Rapport confirmed “this is the same as the SUDPS cybersecurity incident” previously covered by The Daily. 

Akira claims to hold 430 gigabytes of internal data, including private information and confidential documents. They threatened to leak the information online if the University did not pay an unspecified ransom. The Stanford University Department of Public Safety processes and stores data on personnel, case reports, risk evaluations and crime involving students, faculty and other community members. It is unclear at this point how much of this data was lost or encrypted by this ransomware. 

The University wrote in a Friday statement that “there is no indication that the incident affected any other part of the university, nor did it impact police response to emergencies.” According to the statement, “the investigation is ongoing and once it is completed, we will act accordingly and be able to share more information with the community.”

The Akira listing describes Stanford as “known for its entrepreneurial character.” The group threatened that, “Soon the university will be also known for 430Gb of internal data leaked online. Private information [and] confidential documents.”

Chris Hoofnagle, law professor and director of the Center for Law & Technology at the University of California, Berkeley, wrote to The Daily that attackers interested in police entities are sometimes “a nation state or organized crime” group. 

“The first steps of identifying the scope of the breach can be quite expensive and time consuming. Almost all entities hire outside forensic firms to do the analysis,” Hoofnagle wrote.

He wrote it was “best practice” to limit information until there was information on the full scope of the breach and the network was secure. “Institutions do not want to get into a drip situation where they notify…

Source…

Major international police operation brings down Ragnar Locker ransomware group

/in


A large group that carried out ransomware attacks has been dismantled in an international police operation. The suspected leader has been arrested, and their platform has been taken offline. Five of the group’s servers were seized in the Netherlands and Dutch investigators assisted in the investigation.

According to coordinator Peter Bos of the East Netherlands Cybercrime Team, he and his colleagues have made an important contribution to this large-scale international operation that was started in 2021.

“As a team, we have succeeded in mapping the IT infrastructure of the Ragnar Locker group, as well as their working methods. We also seized several servers and took down hosting services during the week of action, in which eleven countries worldwide participated. Furthermore, we have secured victim data from more than 60 multinationals and during the investigation, we notified some victims of impending ransomware attacks by this group,” Bos said.

European services Europol (police) and Eurojust (justice) announced the results of the action against the Ragnar Locker group on Friday. The main suspect was arrested in Paris last Monday. His house in the Czech Republic was searched. In addition, five other suspects were subsequently interrogated in Spain and Latvia. The group’s website on the dark web was shut down in Sweden. In addition to the Netherlands, servers were also seized in Germany and Sweden.

The ransomware, also called Ragnar Locker, has been active since December 2019. Its creators infected and locked computer systems. They also stole internal data. They then demanded a ransom from victims, both for unlocking systems and for returning sensitive data. They then offered a decryption key in exchange for a ransom amount ranging from $5 to $70 million, threatening to leak the stolen data on the dark web if their demands were not met, according to the police. They also threatened to release all files to the public if the victims filed charges.

Investigators believe that the group attacked about 168 organizations. Last year, they attacked the Portuguese national airline TAP. A month ago, they perpetrated a digital attack on a hospital near Tel Aviv in Israel.

In 2021,…

Source…

Security incident targets computer network used by STL area police

/in



Police sources tell FOX 2 a computer information network they use on a regular basis is temporarily unavailable. A spokesperson for the Regional Justice Information System (REJIS) confirmed there was …

Source…

Third-party ransomware attack impacts UK’s Greater Manchester Police

/in


BleepingComputer reports that the UK’s Greater Manchester Police has been impacted by a data breach stemming from a ransomware attack against a service supplier, which also caters to other UK organizations.

Information compromised in the incident includes the personal information of some of the police department’s employees but financial data is unlikely to have been impacted, according to GMP Assistant Chief Constable Colin McFarlane.

“…[W]e have contacted the Information Commissioners Office and are doing everything we can to ensure employees are kept informed, their questions are answered, and they feel supported,” McFarlane added.

Such an intrusion follows third-party breaches affecting the UK’s Metropolitan Police and the Police Service of Northern Ireland during the past month.

Metropolitan Police had data from 47,000 police officers and staff, including names, ranks, and vetting levels, exposed after a cyberattack against ID card and access pass manufacturer Digital ID, while 10,000 police officers of PSNI also had their personally identifiable information stolen, some of which were already leaked online.

Source…