Ransomware operators are diversifying their targets. While businesses, communities and hospitals are still the main targets, the Babuk group claims to have stolen 250 GB of files from the servers of the Metropolitan Police of the District of Columbia, one of the largest police departments in the United States.
Contacted by Bleeping Computer, the police department confirmed “unauthorized access to its servers” and explained that they were in the process of evaluating the scope of the attack, with the help of the FBI.
Attackers threaten to reveal names of informers
The attack was first claimed by the group on its dedicated website: the attackers posted several screenshots of files which they claim to have stolen from the police department. In total, they say they got their hands on 250 GB of internal data. According to Bleeping Computer, the stolen data includes files relating to ongoing operations and disciplinary cases, as well as gang records and profiles being monitored by the police in the city of Washington.
To put pressure on their victim, the Babuk group invites the leaders of the service to contact them to negotiate the ransom. Otherwise, they threaten to contact the criminals in the city to inform them of the presence of undercover agents and informers in their ranks. Members of the group go on to assert their willingness to attack other public sector institutions in the United States.
Babuk is a fairly new player in the ransomware world. Having appeared at the beginning of 2021, it made a name for itself with several attacks against American companies in various sectors, ranging from chemicals to the manufacture of elevators. This is the first time that a group of this type has openly attacked a police service. In 2020, the Blueleaks affair had already led to a data leak concerning American police services, but the stated motivation of the attackers was then closer to activism.