Hackers selling network access to multiple US police departments


New research has found threat actors selling access to the networks of various US government organisations, including access to the Chief of Police in various states and the VPN portal of a city in Arizona. The research comes after the news that the Washington DC police department suffered a ransomware attack by the Russian ransomware gang Babuk.

Andrey Yakovlev, Security Researcher at IntSights comments on the research:

“It’s simply another Monday for Russian hackers. Babuk is a relatively new ransomware group that does not target the Russian Federation or other CIS countries and hospitals (besides private plastic clinics and dentistry). They focus on Hyper-V and ESXi virtualisation technologies and accept only proficient partners.

With that being said, the hack of the Washington DC police is a clear cut, gangsomware case and usually in cases such as this one, there isn’t a lot of dark web chatter. Ransomware operators not only wait for a relevant application to come to an affiliate’s program, but they also actively monitor offers of access to internal networks which are constantly being sold on the dark web. While there is no data from this particular breach on the dark web, threat actors are actively targeting police departments across the US. For example, we have seen that there has been one threat actor targeting US government institutions and police departments.

Our research has found that one of the sales from this threat actor was published in February and the hacker offered access to a VPN portal of a city in Arizona that included access to the City Court System, City Government, Police Department, Fire Department, Solid Waste, Recreation Services, Engineering Services, Utility Services, Library, Fleet Services, Airport, Finance, Street Maintenance, Animal Control, Human Resources, Legal and Information Technology.

The second sale offers access to “Chiefs of Police (US State disclosed to buyer)”. The hacker also offers access to: “Sheriff’s Office in **, Ohio, USA”, “(gov) County of **, Pennsylvania, USA”, “(gov) County of **, Missouri, USA”, “(gov) City of **, Georgia, USA”, “(gov) City of **, Florida, USA”, “(gov) County of ** Water District, Arkansas, USA”.

Government organisations hold significant personal information on many people, some of which may be high profile personnel. Because of this, it is a prime target for threat actors and nation-state attackers alike.”

 


Media contact

Rebecca Morpeth Spayne,
Editor, Security Portfolio

Tel: +44 (0) 1622 823 922
Email: editor@securitybuyer.com

 
