The Washington DC police department has revealed that a large percentage of its CCTV cameras were taken offline in a ransomware attack. The security breach was discovered earlier in the month, and it left a number of cameras unable to record as the police department worked to remove the ransomware.
According to The Washington Post, this breach was first discovered on January 12. Police noticed that four of its camera sites located within the city weren’t working properly and teamed with technology company OCTO to investigate. The city-wide investigation discovered that two different forms of ransomware were affected 123 of the city’s 187 CCTV cameras.
Luckily, Washington DC Chief Technology Officer Archana Vemulapalli said that the ransomware didn’t spread deeper than the CCTV network. That means police computers weren’t affected, and DC police and OCTO even got rid of the problem without giving the hackers the satisfaction of payment. Instead, they simply brought the affected devices offline, wiped the software, and then rebooted them with fresh software installations.
Still, even if the problem didn’t escalate any further, those 123 affected cameras were still unable to record as the police and OCTO dealt with the problem between January 12 and January 15. Right now, the police aren’t saying who they suspect – if they suspect anyone at all, for that matter – or how the hackers gained access in the first place.
This is an all too common reminder that companies and organizations sometimes take a reactive approach to security instead of a proactive one. We were given a great example of that lax attitude toward security in two recent Yahoo breaches, and one has to wonder what it’s going to take for organizations to begin taking security seriously from the start. We’ll see if Washington DC police share any more about this breach moving forward, so stay tuned.
SOURCE: The Washington Post