Everything can be hacked. This is the reality that all cybersecurity experts must deal with on a daily basis. It is this reality that Washington, D.C., police came to terms with in the days leading up to last month’s presidential inauguration. In a report written by the Washington Post, it was revealed that, according to various official channels, D.C. police CCTV cameras were compromised by ransomware.
According to the WaPo report, “hackers infected 70 percent of storage devices that record data from D.C. police surveillance cameras eight days before President Trump’s inauguration, forcing major citywide reinstallation efforts,” which ultimately took down 123 cameras. The cameras were responsible for monitoring public spaces in the D.C. Metro area, but officials insist public safety was not compromised. This assertion was made most notably by Secret Service Agent Brian Ebert.
As for dealing with the ransomware, Washington D.C.’s Chief Technology Officer Archana Vemulapalli said no ransom was paid. Instead, the incident-response team took the systems offline, removed the infected software, then rebooted each affected system. Not paying the ransom was an intelligent choice, as paying only increases the potential for hackers to use the malware in similar attacks on essential metropolitan infrastructure.
The cyber forensics of the hack has not revealed a motive beyond monetary gain at this point. It may be entirely coincidental that the hack occurred a little over a week before the inauguration. There haven’t been any solid leads as to who is responsible for the ransomware attack, but this investigation is ongoing.
As is the case with any ransomware attack, human error is always the key reason behind the infection. Likely some ignorant individual in the employ of the D.C. police opened an email they shouldn’t have. Furthermore, they most likely opened an attachment that deployed the payload when the file was executed.
This should serve as yet another warning that every organization must invest resources in educating its employees on proper cybersecurity practices. There will always be an idiot who opens items they shouldn’t, but upper management must do everything possible to reduce the likelihood of this occurring.