Suburban Chicago Police Department Forced To Pay A Hacker $500 Ransom For Its Own Files

The police department in the suburban Chicago community of Midlothian, Illinois, has paid a ransom of over $500 to a hacker after a malicious code took over the computer's files and denied access to them, the Chicago Tribune is reporting.

IT vendor Calvin Harden, Jr. told the Tribune that the Midlothian Police Department was hit with a virus known as Cryptoware. The virus makes the files on a computer inaccessible to the user, and they can only be retrieved if the user pays money to the hacker who wrote the program. Such programs are collectively referred to as "Ransomware," and Cryptoware isn't the only one.

In Ransomware attacks, the victim will be required to pay in a crypto-currency such as Bitcoin, according to Crypto Coin News. In the Midlothian case, the ransom was 2.6 Bitcoins, which is about $616 at the most recent exchange rate as of this post. Such currencies are all but impossible to trace, meaning that the hackers can expect to get away with their crimes scot-free.

Fortunately for the Midlothian Police Department, the Ransomware attack only infected one computer, and not the entire department's computer system at large.

"It didn't encrypt everything in the police department. It was just that computer and specific files."
Midlothian got off light compared the Dickson County Sheriff's Office in Dickson, Tennessee. According to this Inquisitr report, a Ransomware virus known as "Cryptowall" got into the department's entire system and locked up everything: police reports, crime scene photographs, witness statements, autopsy reports, records of traffic tickets. A total of 72,000 files were blocked, and the department wound up having to pay a $500 ransom in Bitcoins.

Fred Hayes, president of the Illinois Association of Chiefs of Police, says that Ransomware attacks on police departments are becoming a much bigger problem of late.

"This is something that quite a few people recently, and when I say recently [I mean] over the last year or two, have been experiencing."
Mr. Hayes recommends that police departments protect themselves from Ransomware attacks by backing up their data off-site.

Another sage piece of advice to protect police department computers from Ransomware would be to train police officers on basic computer safety. In the Tennessee case, the Ransomware was downloaded when an officer, listening to streaming radio, clicked an ad. In the Midlothian case, an employee opened an email attachment that contained the virus.

As of this post, it is not clear if the Midlothian police employee who downloaded the Ransomware has been disciplined.

[Image courtesy of Getty Images/Adam Berry]