Image
"On December 12, 2016, the Cockrell Hill Police Department became aware that files on the server had been corrupted by a computer virus. They immediately disconnected the server and all computers from the internet and all state database systems and were able to contain the virus. After investigating the issue, it was determined that the virus had been introduced onto the network from a spam email that had come from a cloned email address imitating a department issued email address."The virus bore the name "Osiris," which means there's a good chance the Cockrell Hill Police Department came into contact with the Osiris variant of Locky ransomware. This would explain why the virus encrypted many of the police department's files and demanded 4,000 USD in Bitcoin for the decryption key. The police department contacted the FBI's digital crimes unit for advice. Rightly so, the FBI pointed out that there was no guarantee the police department would receive their files back if they met the ransom payment. As a result, Cockrell Hill's police decided to not pay the ransom.
Image
"It makes it incredibly difficult if not impossible to confirm what's written in police reports if there's no video. The playing field is already tilted in their favor enormously and this tilts it even more."At the time of the infection, the Cockrell Hill Police Department did not have a working backup. Let's hope this incident helps motivate police departments and other types of organizations everywhere to invest in data backup technology and ransomware prevention strategies.
