Ransomware hackers have posted confidential police information on the shady corner of the internet known as the dark web. The data was stolen from the United Kingdom police. The story was initially reported by the Mail on Sunday over the weekend.
Who is Behind the Hack?
The Clop ransomware group is responsible for the cyber attack. The Clop crew stole the confidential UK police information then published it for sleuths on the dark web to read and sell to criminals. This past October, these cyber thieves accessed the sensitive information after a phishing attack on an IT services provider. The Clop hackers accessed a wide breadth of information, including information stored on the police national computer, often referred to as the PNC. The IT services provider, Dacoll, is tasked with managing the PNC.
A freedom of information request recently revealed more than 2,300 data breach incidents were reported by 20+ police forces in the United Kingdom in 2020. The Clop crew is allegedly responsible for additional ransomware attacks in prior years. It is alleged that the Clop hackers attacked Swire Pacific Offshore, Shell, and the University of California. Several Clop members were arrested this past summer after a nearly three-year investigation.
How was the Information Stolen?
The Clop ransomware crew uploaded files on the dark web in response to Dacoll’s refusal to pay the requested ransom. The files uploaded from the PNC include zoomed-in pictures of motorists captured by the ANPR system. ANPR is short for the United Kingdom’s Automatic Number Plate Recognition.
Digital forensics teams are unsure as to whether the Clop gang has additional information about the United Kingdom police. Authorities are concerned that the Clop ransomware hackers will release additional information in the weeks and months ahead.
What is the Response to the Hack?
The National Cyber Security Centre stated digital forensics specialists and law enforcement authorities are aware of the incident. These cybersecurity specialists are also collaborating with the police to better understand the attack and minimize its impact.
Why is the Data Theft so Concerning?
Information stolen from law enforcement is particularly concerning as the data is highly confidential. If the stolen information ends up in the wrong hands, it will jeopardize the justice process and possibly upend criminal investigations. It is also possible that the data theft and publishing will create a risk for victims of crimes and eyewitnesses to crimes.
Why Wasn’t the Information Protected?
There is a common misconception that police departments have top-notch cybersecurity protections. Though the Clop crew and other ransomware specialists are constantly improving their hacking techniques, fault for the hack and release of sensitive information to the public partially lies with inadequate police department cybersecurity.
The police department’s failure to properly store the sensitive data shows the internal system clearly lacks the proper safeguards. Even slight oversight from an IT worker in a police department can create an opening for hackers to infiltrate. The Clop ransomware group responsible for the hack described above is that much more motivated to conduct additional police hacks to spotlight their hacking prowess. Additional successful hacks also hike the chances of receiving ransom payments.