Babuk cybercriminals leaked data from the Washington, D.C., Police Department on April 26, 2021, according to The New York Times. The leaked data appeared to include the department chief's reports, lists of arrests and lists of persons of interest.
Spokesperson Hugh Carew said the department is aware of "unauthorized access on server," The New York Times reported. The department is reviewing the unauthorized activity to determine the effect on its network and has asked the FBI to investigate the incident.
The Washington, D.C., Police Department ransomware attack occurred after Babuk hackers claimed in a dark web post to have downloaded 250 gigabytes of data from the department, The New York Times noted. The hackers threatened to release the data if their ransom demands were not met within three days.
In addition, Babuk hackers threatened to release information about department police informants to criminal gangs, The New York Times stated. The hackers also said they would continue to attack the FBI, Cybersecurity and Infrastructure Security Agency (CISA) and other members of "the state sector."
The Washington, D.C., Police Department hack marks the third time cybercriminals have attacked a police department since mid-March 2021, The New York Times reported. In addition, cybercriminals have initiated ransomware attacks against 26 government agencies since the start of 2021.
What Is Babuk?
Babuk ransomware was discovered in 2021, according to McAfee. It has been used in at least five double extortion ransomware attacks as of April 2021.
With Babuk, cybercriminals use a ransomware-as-a-service (RaaS) model to launch attacks, McAfee said. During these attacks, hackers use phishing emails, public-facing application exploits and various tactics, techniques and procedures (TTPs) commonly associated with other RaaS families.
Installing endpoint protection software and keeping it up to date can help organizations guard against Babuk and other RaaS families, McAfee stated. Also, organizations can work with MSSPs to identify ways to optimize their security posture.