US Police Declines to Pay Bitcoin Ransom, Loses Years of Data

Earlier this year, the office of the Cockrell Hill Police Department in Dallas was hit with a series of ransomware attacks. Data stored on local computers and servers was immediately encrypted and disabled for use indefinitely. Distributors of the ransomware requested a one-time payment worth US$4,000 in bitcoin in exchange for a decryption key to unlock the department’s data and evidences collected over the past few years.

Stephen Barlag, Cockrell Hill’s police chief, released a statement on January 25, to admit that the police department lost video evidence and a cache of digital documents dating back to 2009. The data was encrypted by “OSIRIS,” a sophisticated ransomware variant designed to autonomously encrypt data until payments are facilitated in bitcoin.

Most modern ransomware variants have an internal time lock system which either encrypts data permanently or completely deletes compromised data if victims fail to send bitcoin payments within a given time frame. The vast majority of bitcoin-based ransomware utilize a 1 week time lock, granting users a 168-hour window to settle the payment.

Government agencies including the FBI and police departments encourage victims not to pay the ransom in bitcoin as there is no guarantee that the ransomware developer or distributor would provide a decryption key after the payment is received.

Barlag and the rest of his division in the Cockrell Hill Police Department declined to comply with the demands of the ransomware distributor, refusing to pay a $4,000 transaaction in bitcoin. As a consequence, the police department lost 8 years of data that is currently being sought after by lawyers and prosecutors nationwide.

“We were told by the FBI that paying doesn’t always get you your information back. They told us that some people whose files are infected pay, and they get their files back, but sometimes it doesn’t work. So we decided it was not worth it to pay, and potentially, not get anything back anyway,” said Barlag.

After the ransomware incident was closed by the department, Barlag and his division received requests from criminal defense lawyers in Dallas including Collin Beggs, who was seeking out for a video footage necessary for a trial involving a felony evading case.

In an interview with non-profit organization MotherJones, Beggs stated that his young client could face 10 years in prison if the police department fails or declines to recover the lost footage. Yet, the department firmly responded:

“If requests are made for said material and it has been lost, there is no chance of recovery or producing the material. All bodycam video, some photos, some in-car video, and some police department surveillance video were lost.”

Beggs further emphasized that physical copies of the video and documents available at the police department aren’t sufficient to relieve his client of his charges.

As Nick Selby, a police detective in the Dallas area and director of the Secure Ideas Response Team, notes, ransomware attacks have been targetting police departments and law enforcement agencies over the past two years. Still, US police departments aren’t making an attempt to implement cloud-based systems or overhauling their outdated infrastructures in order to prevent ransomware infection.

If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.

2 Comments

  1. CAAWEY February 21, 2017
  2. Mind Hacker February 21, 2017

Leave a Reply