The Metropolitan Police Department (MPD) of the District of Columbia has fallen victim to a ransomware attack in which 250 GB of unencrypted files were stolen.
The Babuk Locker gang claimed in a post on the dark web that they had compromised the DC Police’s networks and stolen unencrypted files. The group also shared screenshots of various folders containing investigation reports, arrests, disciplinary actions, and other intelligence briefings.
The MPD, also known as the DC Police, is the primary law enforcement agency for the District of Columbia in the U.S.
The ransomware gang has given the department three days to pay the ransom or risk the leak of sensitive files that could expose police informants to criminal gangs.
The gang mocked that even an institution such as DC can be threatened and said that they have downloaded a sufficient amount of information from its internal networks. They urged the department to contact them as soon as possible to prevent leakage. If they do not get a response within 3 days, they will start to contact gangs to drain the informants.
The group also threatens on its data leak site that it will continue to attack the state sector of the USA, FBI CSA, and that larger attacks are awaiting.
Babuk Locker is a relatively new ransomware group that, since at least the beginning of 2021, has mainly targeted the transportation, healthcare, plastic, electronics, and agricultural sectors across the U.S., U.K., U.A.E., China, India, South Africa, Spain, Germany, and Italy.
They are also known for attacking Linux-based systems such as VMware ESXi.
According to the Babuk gang, the key problem that all organizations face when confronting threats is speed.
Cymulate CTO Avihai Ben-Yossef said that it takes too long for known vulnerabilities to get patched on all systems. Defenders that rely on manual security testing methodologies are unable to match the pace of threat actors in finding security gaps and fixing them.