Jayne W. Miller reports that when Tewksbury Police discovered that the department’s network had been locked up by CryptoLocker last December, the town decided to pay the $500 bitcoin ransom. Of course, that’s exactly what experts recommend folks NOT do, as it only encourages more attacks on others, but hey, this is the same town that just brushed off a big privacy breach by their school district, so I wonder how much of a clue they actually have about privacy and security until they get clobbered. In this case, the police felt that they had no option but to pay. Miller reports:
In total, police systems were down between four and five days as the department worked with the FBI, Homeland Security, Massachusetts State Police, as well as private firms in an effort to restore their data without paying the ransom.
[…]
Police Chief Timothy Sheehan told the Town Crier that Tewksbury was hit with a newer form of CryptoLocker, for which authorities did not have the key. Though initially infected sometime on December 7, the department became aware of the malware on December 8, 2014.
“So there was no backup for the now-encrypted records?” you may be asking by now.
In Tewksbury’s case, the back-up on an external hard drive was also corrupted. The most recent non-corrupted tape back-up was 18 months old, and simply not enough to rebuild missing information from paper reports.
Read more on The Town Crier.