The city of Atlanta Police department lost critical dashcam video evidence during a ransomware attack that occurred in March 2018, admitted Atlanta police chief Erika Shields.
The entire IT infrastructure across Atlanta city was affected by the attack. Resultantly years of dashcam footage was lost permanently. SamSam ransomware, a dangerous file encrypting virus, was used to launch the attack.
The lost footage can be used to compromise DUI cases in case an officer’s testimony is insufficient. But, it is yet unclosed how many investigations might be affected.
While speaking with The Atlanta Journal-Constitution and Channel 2 Action News, the police chief affirmed that the department hasn’t lost access to crucial evidence including investigatory documents. Although at the beginning of the attack, the department’s access to investigative files on its servers got restrained but eventually full access was restored. As stated by Shields:
“I would not sugarcoat that. I have been asking since Day One, ‘… Do we have criminal investigatory files that have been compromised?’ And I have been told, no.”
Hackers demanded 6 BTC ransom
SamSam ransomware infected multiple customer-facing systems and the officials were asked to pay 6 Bitcoins, approx. $51 thousand, as ransom. The city Mayor Keisha Lance Bottoms refused to pay the ransom and instead spend the considerably high amount of rebuilding the compromised servers as well as the IT infrastructure of the entire Atlanta city.
Dept paid $2.7m for emergency IT system restoration contracts
Reportedly, the City of Atlanta signed emergency contracts worth $2.7m to restore the IT systems of the city. Chief Shields has confirmed that the modified systems will prevent breaking of cases and any further damage.
“I’m not overly concerned, I’m really not, because that’s a tool, a useful tool, for us. But the dashcam doesn’t make the cases for us. There’s got to be the corroborating testimony of the officer. There will be other pieces of evidence. It’s not something that makes or breaks cases for us,” says Chief Shields
However, according to Matthew Codland, Atlanta Police Department Investigator, the scope of the damage is wider than what was initially reported. Codland claims that nearly 105,000 investigation files on his computer have been corrupted. But, Chief Shields claims that this could be an individual incident and cannot be applied to the entire city’s IT systems.
Georgia State University’s forensic and scientific evidence expert Jessica Gabel Cino claims otherwise citing that the attack is far more widespread and repercussions might be in-depth and far-reaching.
“These days cases are broken or they’re made on dashcam footage,” stated Cino.
It is although quite likely that testimony of a police officer may be deemed questionable or even get rejected in the absence of audio or video files as credible pieces of evidence to back up the claims states Cino.
No matter how wide the scale of attack may be, it is confirmed that attackers are eyeing loopholes in systems’ security. Therefore, it is recommended that governmental institutions and corporations improve the security of their networks and systems in order to prevent similar incidents.
In February this year, state of Colorado was also hit by SamSam ransomware. In the attack, hackers targeted over 2,000 Department of Transportation (CDOT) computers and held them to ransom.
Not for the first time
This is not the first time that a police department has lost critical and sensitive data, last April, Riverside’s Police and Fire department were hit by a ransomware attack in which hackers wiped out eight hours worth of data from the server.
In January 2017, Cocker Hill’s Police Department lost digital evidence from the past several years to a ransomware attack The lost evidence included all body cam videos, photos, in-car video, and police department surveillance video were lost.”