Ransomware: Texas police lose 8 years’ worth of evidence

The Cockrell Hill Police Department revealed in a press release that years of evidence and documentation files have been lost following a ransomware attack that targeted the department on December 12 last year.

The infection came from a spam email – sent from a spoofed department email address – and encrypted all files contained in the data server: Body camera videos, in-car videos, in-house surveillance videos, photographs, and Microsoft Office documents dating back to 2009, as well as data from ongoing investigations.

They didn’t pay the ransom

The police department was asked to pay a Bitcoin ransom of around $4,000 but, as there was no guarantee that paying the ransom would secure the decryption key, the department decided not to pay and wiped the data server. Unfortunately, the data couldn’t be recovered from backups because a backup was only made after the attack, meaning that the backup files were also encrypted.

Could this attack have been prevented?

Yes, it could. If the officer who opened the email had been trained to spot fraudulent emails, he could have saved the department from losing years of evidence. Spotting a malicious or phishing email is not that difficult if staff know where to look and what to look for. More and more companies have decided to train their employees to reduce the risk of phishing and ransomware attacks. Discover how the Phishing Staff Awareness eLearning course can help >>