Cybersecurity and law enforcement

Police Departments Continue to be Targeted

-Charles Parker

Police departments are interesting. In business operations, you have business data, customer data, and other points to secure. Police departments do have their operational information but these places also hold a treasure trove of data on the crimes in their area (i.e. evidence). This can be on the persons arrested, the crime, crime scene, and associated data. In addition, the police provide critical service for the area they serve.

Due to these factors, police departments have and continue to be targeted. If simply breaking in isn’t enough of an effort, encrypting or exfiltrating their data can be costly to the department. The Azusa police department recently felt the ransomware sting as the department fell victim to this.

The department announced on May 28, 2021 the issue as being compromised by the ransomware attack. The attackers gained access to the data located in the department’s systems. The department did not pay any ransom or fee. The details have not been provided. From the published information, the ransom was based on releasing information versus encrypting the systems.

The data accessed does appear to be PII, unfortunately. In this case, the attackers appear to have accessed the social security numbers, driver license numbers, California identification numbers on financial accounts or health insurance. The police department recommended to the parties affected to monitor their credit reports, statements for their accounts, and other information for any unusual or suspicious activity.

This is another example of the far-reaching effects of ransomware. Granted the police department was not affected much, however, the person's permanent and long-term information was. If the data was used for unauthorized purposes, correcting this can be difficult and time consuming, not to mention frustrating.