Tag Archive for: Sheriffs’

San Bernardino County pays $1.1-million ransom over Sheriff’s Department hack


SAN BERNARDINO, CA -JULY27: San Bernardino County Sheriff's Deputy Chief Horace Boatwright, left, speaks at an early morning briefing. San Bernardino Sheriff's Headquarters on Monday, July 27, 2020 in San Bernardino, CA. (Irfan Khan/Los Angeles Times)

San Bernardino County Sheriff’s Department deputies attend a briefing in 2020. A ransomware attack, discovered in early April, crippled the Sheriff’s Department computer systems. The county and its insurer agreed to pay the $1.1-million ransom, a spokesperson said. (Irfan Khan / Los Angeles Times)

Weeks after a cyberattack crippled the San Bernardino County Sheriff’s Department computer systems, county officials confirmed that the hackers had been paid a $1.1-million ransom.

The ransomware attack, discovered in early April, forced the department to temporarily shut down some of its computer systems, including email, in-car computers and some law enforcement databases, including a system that deputies use for background checks.

After negotiating with the hackers, San Bernardino County paid slightly less than half the total — $511,852 — and its insurance carrier covered the rest, said county spokesman David Wert.

“On balance, and consistent with how other agencies have handled these types of situations, this was determined to be the responsible course,” Wert said.

Ransomware attacks on public institutions such as cities, school districts and hospitals have risen sharply in the U.S. in recent years. Government computer networks can contain troves of sensitive data and often have less robust protections than those of major companies.

During a ransomware attack, hackers steal or block access to key files or data, then demand payment in exchange for returning or restoring them. Such attacks can also involve threats that sensitive information, such as Social Security and credit card numbers, will be exposed if the victim doesn’t pay.

The FBI says it does not pay ransom in such attacks and advises victims not to either.

It’s exceedingly rare for ransoms to be paid for hacks involving law enforcement agencies, in part because of who could be on the receiving end of the transaction, said Clifford Neuman, the director of USC’s Center for Computer Systems Security.

“If you’re paying through cryptocurrency, you don’t know who you’re paying it to,” Neuman said. “It could be a sanctioned entity, whether it’s Iran, whether it’s North Korea, whether it’s a terrorist organization.”

And,…

Source…

California county paid $1.1 million ransom to hacker of Sheriff’s Department computers


San Bernardino County acknowledged this week that it has paid a $1.1 million ransom to a hacker who uploaded malware to the Sheriff’s Department’s computer system.

In a ransomware attack, a criminal enters a system and encrypts the data, leaving the owner unable to access it. If a ransom is paid, usually in cryptocurrency, the criminal will provide a decryption key to unlock the data.

For weeks, the county said little publicly about the hack, other than to call it a “network disruption.”

David Wert, a county spokesman, said the county had anticipated such a computer invasion and had taken out insurance. He said that of the $1.1 million payout, the county’s share was $511,852 and that the insurance company paid the rest.

Sheriff Shannon Dicus said Wednesday that the cyberattack did not compromise public safety but workarounds were required for certain tasks. For instance, he said, deputies could not access the California Law Enforcement Telecommunications System, which can tell deputies when a person is wanted for crimes elsewhere in the country. So deputies would request other agencies check the CLETS records.

It was unclear Thursday whether any information was stolen. The department is still going through its systems to learn what has been affected. Those that have been determined to be safe and functioning are being turned back on, said Mara Rodriguez, a sheriff’s spokeswoman.

No other county department computer systems were affected, Wert said.

Chuck Brooks and some other cybersecurity experts say paying a ransom is a bad precedent.

“Generally, businesses should not pay for ransomware as they will likely be hit over and over again as it will be shared and sold by criminal hackers on the dark web,” Brooks said in an email on Thursday, May 4.

Brooks, in a story he wrote that appeared in Forbes magazine, said ransomware has been around since the late 1980s and “it has become a trending and more dangerous cybersecurity threat.”

Wert said there was a discussion about whether to pay but declined to elaborate beyond this statement:

“The decision whether to render payment was the subject of careful consideration,” Wert said. “On balance, and…

Source…

Madison County Sheriff’s Office warns of scam circulating in county


MADISON, Fla. (WTXL) — The Madison County Sheriff’s Office warned of a scam scheme circulating in the county on Monday.

According to the Madison County Sheriff’s Office’s Facebook page, “The scammer identifies himself/herself as an employee with Norton Computer Security. The scammer calls and informs the intended victim that they owe the victim a refund. They ask for permission to log into the victims’ personal banking account so the refund can be transferred. While accessing the victim’s account, the scammer informs the victim that they made a “mistake” and accidentally deposited too much money in the victim’s account. The scammer then requests the victim to wire the overpayment they deposited minus the owed refund back to them.

“The scammer will provide the victim with the name of the bank, person, and account number required to return the overpayment. In this scam, the scammer will move the “accidental overpayment money” from another account owned by the victim to the account identified for refund. It will appear to be a legitimate transfer when the victim is reviewing the account, however it is the victim’s money transferred from another compromised account. If the victim follows the instructions of the scammer, the victim will lose their own money.”

The sheriff’s office advised its citizens to:

  • Never allow any unknown person to access your 

    computer / device either in-person or remotely 

  • Never provide passwords or account information 
  • Never provide personal information to individuals who are 

    not known 

  • Call the company/business yourself to verify 
  • Review all accounts routinely for any suspicious 

    or unauthorized account activity 

The sheriff’s office notes if you believe you have been a victim of this or any other scam, call the Madison County Sheriff’s Office at 850-973-4001 ext. 1.

Source…

Butler County Sheriff’s Office discovered malware activity on its emergency communications system a week ago


“Maybe a slight inconvenience, but not an operational failure.”

Dispatchers were using paper and looking at charts to know here to send emergency units.

“CAD is a computer system,” he said. “All computer systems can fail and we have a plan in place as back up. It is planned for. Now is it difficult, yes. Anytime we do a CAD update where there is a loss of functionality for a while and there is a plan to continue to function. Operations don’t just stop.”

The paper-and-maps system for dispatching brought back memories for Oxford Police Chief John Jones.

“I started as a dispatcher that’s how we stared we did things on paper cards,” he said. “It still works.

“Here at OPD, luckily we had some fall back because we used to be our own dispatch center. We still employ dispatch clerk. We were still able to access (a law enforcement information system) and run license plates and IDs when just had to switch to a different channel for the information.”

Jones said the department entered warrants and stolen car data for agencies and brought in extra personnel to help out.

The department uses the same reporting system as BCSO, so officers used printouts of forms to write report. They will be have to enter them into the system when it is fully functional.

“Fortunately, it is a slow time of year. I think we take for granted that infrastructure and how critical the security of it is,” Jones said. “Certainly impacted the agencies.”

Ross Twp. Police Chief Burt Roberts said his department has its own new record management system, so report taking and entering were not impacted. Roberts said there were other options they used to access law enforcement information systems.

“Law enforcement didn’t just shut down,” he said. “Believe it or not we actually did police work before computers came along.”

All along, law enforcement leaders stressed, the work was still being done.

“Technological issues are anticipate and we all have a back up plan,” said Fairfield Twp. Police Department Chief Robert Chabali. “The safety of the community and the officers remained intact.”

Source…