Police lose evidence to Ryuk ransomware attack; suspects walk free

The evidence is still stored in the computer system but it cannot be accessed as those computers are infected after a ransomware attack.

The ransomware attack took over computers with digital evidence on six suspected drug dealers.

Catching one drug dealer is a daunting task for law enforcement, let alone six, and it is indeed ironic when the police have to free six suspected drug dealers because the evidence was lost to a ransomware attack.

Reportedly, critically important evidence against six suspected drug dealers detained by the police is safely stored on the computers of Florida’s Stuart Police Department. The evidence could send the suspects behind bars for years; however, it cannot be accessed because those computers are infected with ransomware.

The ransomware attack occurred in April 2019, and the system containing the evidence was locked, forcing the State Attorney’s Office to drop all 11 narcotics cases against the six suspects.

According to the investigators, the computers were hit by a virus known as Ryuk, which infected the system through a spear-phishing link. The infection stayed undetected for almost two months and was only discovered after the hackers sent a ransom note demanding 300,000 in Bitcoin. The department refused to pay the ransom and is still trying to recover from the attack.

As per the Stuart Police Department’s Det. Sgt. Mike Gerwan, due to the ransomware attack the police have lost nearly “one and half years of digital evidence,” including video footage and photos, WPTV reported.

The dropped cases included 28 charges against the defendants, who were accused of possessing meth and cocaine, producing/selling/delivering of narcotics, and using two-way communication devices illegally.

Gerwan further stated that such incidents, in which data is lost due to a cyberattack, are quite common within the law enforcement community, and every time the police have to let go of critical evidence.

Not for the first time

This is not the first time a police department has suffered a ransomware attack that locked officials out of their computers. In 2017, the Cockrell Hill Police Department in Dallas, Texas, had its computer system held for ransom, which resulted in the loss of digital evidence from as far back as 2009.

In 2014, Tewksbury Police Department, Massachusetts had their systems locked up by cybercriminals who demanded €460/$500 in Bitcoin from the department to get the decryption key. The department ended up paying ransom money.

In 2015, the Midlothian Village, Illinois, Police Department became the target of a ransomware attack with file-encryption capabilities. The department had to give in to the attackers’ demands to retrieve sensitive police records.

  1. Jim Browning is the man! He’s doing the Lord’s work. I know he’s not the only hacker. To all of them I enjoy their content.

  2. Each of these systems should have a custom whitelist, determined by their own department, of what applications are allowed to run on them. Any other application should just be silently blocked from launching. It would vastly reduce ransomware occurrences.
