Although officials claim that the safety of the public was never put in jeopardy, there was a three-day period where much of the city’s recording capabilities were several reduced. Out of 187 recording servers, 123 were infected by the attack, effectively making them unusable for those few days. Although the city didn’t pay any ransom, it did have to take the system down for a few days and clean the infection out.
Traditionally, ransomware has attacked corporate and personal systems, encrypting important files and demanding payment to return them to normal. Ransomware is very tricky to deal with, though mostly because it has affected key files. In the case of recording systems, it may be that little of worth was encrypted — and likely lost due to non-payment — but it seems that the police were able to get them back online in short order.
No word has been released on who may have been responsible for the attack and an investigation is still ongoing. It is perfectly possible that it was merely some exploitative hackers who found a backdoor into a lot of Internet of Things devices, not knowing or necessarily caring that they were official police cameras. Other than being a week prior, there are no solid links with the inauguration ceremony.
Still, this has raised concerns about the security of police cameras. If it was possible to hack into them and effectively break the network of recorders and their connected cameras, it could well be possible to use them for nefarious purposes.
As always, we recommend to keep yourself safe from ransomware that you are very careful with links and attachments, especially from unsolicited sources.
