Tewksbury Police Department has reportedly paid a $500 Bitcoin ransom to hackers who had infected the department’s files with a ransomware program called CryptoLocker. The malware program bogged down the police systems for 5 days after which the department finally decided to pay up.
Chief of Police Timothy Sheehan said, “Nobody wants to negotiate with terrorists. Nobody wants to pay terrorists. We did everything we possibly could.” Timothy went on to add that, “It was an eye-opening experience, I can tell you right now. It made you feel that you lost control of everything. Paying the Bitcoin ransom was the last resort.”
It was possibly the last resort given that even the cyber specialists from federal and state law enforcement along with two private cyber security firms were unable to retrieve the files.
Malware programs such as CryptoLocker, KEYHolder, and CryptoWall enter into the system via emails. When the users open these tainted emails and click on the hyperlink given in the message, the computer is affected. The programs then encrypt the data and render the data useless unless a decryption key is provided.
Moreover, the hackers demanded that the Bitcoin ransom be paid via Tor network, which makes it extremely difficult to trace the location of the hackers.
This is not the first instance of a police department being forced to pay. Earlier in November 2013, Swansea Police Department fell victim to a similar threat and had to pay $750 to get its files back. In January, the Midlothian police had to pay the hackers $500.
The Tewksbury Police Department could have chosen not to pay the Bitcoin ransom had it backed up its files and other crucial data. In Durham, N.H., chief of police Dave Kurz decided not to bow down to the threats of hackers as the department had backed up the encrypted information.
“We had to clean essentially all the computers, but all of our data was prepared,” Kurz said.