(pc-Google Images) |
The attacks took place between 12 and 15 January, the ransomware infected 123 of 187 network video recorders, each controlling up to four CCTVs in a specific area. IT staff was forced to clean up the systems to restore the situation, fortunately, the ransomware did not affect other components of the Washington DC network.
“City officials said ransomware left police cameras unable to record between Jan. 12 and Jan. 15. Thecyberattack affected 123 of 187 network video recorders in a closed-circuit TV system for public spaces across the city, the officials said late Friday.” states the Washington Post.
The first traces of the attacks were discovered by the Police on Jan. 12 D.C. when the authorities noticed four camera sites were receiving glitches. Experts at the city technology office then investigated and found two distinct ransomwares in four of the sites, then they extended the analysis to the entire surveillance network and wiped all the infected equipment.
Interim Police Chief Peter Newsham confirmed that the issue was resolved within 48 hours and there was “no significant impact” overall.
There are some points still no clear:
• Did the local police receive a ransom request? For sure they did not pay it.
• It is no clear if valuable data was lost in the attack or if the police were able to decrypt information for free, for example by using tools like the No More Ransom.
• Who is behind the attack? Cyber criminals that acted to extort money or hacktivist that tried to shut down the CCTV cameras to avoid being recorded during the street protests.
City officials declined to comment.