Cyberattacks directed at law enforcement have a breadth of negative implications. From lost evidence needed to protect communities, to more personalized attacks which put the safety of our officers and their families at risk - these attacks need to be addressed.
Look to these notable cyberattacks to find ways technology can leave you and your department vulnerable.
Doxxing after the Ferguson shooting
Cyberattacks, particularly doxxing—when personal information is made public—puts the safety of our officers and their families at risk.
In the wake of the Ferguson shooting, the international collective of hackers, Anonymous, released personal details about police Chief Jon Belmar. The group also posted photos of his family, his home address, and phone number.
When considered in the context of a substantial rise in police killings from 2015 to 2016, doxxing presents a serious threat to our officers’ safety. NBC News, in an article published at the end of 2016, reported that there had been “an increase in total officers shot and killed — a 56 percent spike since last year — and a 250 percent rise in ambush fatalities.” Nearly one-third of the 64 officers shot in the line of duty in 2016 were victims of ambush attacks.
As the personal information of our police officers becomes more widely available to the public, it becomes easier for agitators to take violent action for perceived injustices. It also becomes more important for LEOs to protect themselves.
Doxxing and DDoS attacks following Occupy Wall Street
Cyberattacks are nothing new, but as technology evolves, the threat intensifies, becoming more sophisticated and harder to prevent. Compare the doxxing that occurred after Occupy Wall Street protests (2011) to the doxxing after Ferguson (2014).
As a response to the Occupy Wall Street movement and the arrests from its protests, a DDoS attack was launched against the International Association of Chiefs of Police. (A DDoS attack aims to knock an online service offline. This is accomplished by sending a massive amount of traffic to the online service which overwhelms the system.)
The goal of this particular DDoS attack against IACP was an effort to deliberately knock down communications leading up to their annual conference held in Chicago.
Just as in Ferguson, Anonymous was behind this attack. They claimed to be protesting perceived police brutality with their cyber attacks after the Occupy Wall Street protests.
DDoS attacks hit Denver, Albuquerque and San Jose
DDoS attacks are often used as a form of protest. After officer-involved shootings in Denver and Albuquerque, divisions of Anonymous launched DDoS attacks to shut down the online service of both police departments.
The motives behind these attacks, however, are not always clear. With DDoS attacks costing $50 to $400 or more, virtually anyone with a bone to pick can present a cyber threat. San Jose was hit with a DDoS attack that kept its system offline for several days. There was no obvious motive for that attack.
In an increasingly online world, maintaining online systems is integral to helping officers track down and put away criminals. When these systems are down, vulnerabilities in law enforcement are exposed which put our communities at risk.
Ransomware hits Cockrell Hill, Collinsville, and Durham police departments
Ransomware, in contrast with DDoS attacks, is typically the work of sophisticated hackers. And if you followed the WannaCry attack that made headlines worldwide, you know how damaging these attacks can be.
Ransomware usually starts when someone opens a malicious email attachment or link disguised as a regular email. When the link or attachment is opened, the malware is installed and it freezes everything. Then the software demands a ransom in exchange for a key to unlock the frozen files. If the ransom isn’t paid, and even sometimes when it is, the files may be lost forever.
Ransomware attacks are on the rise. In the first three months of 2016 alone there were ten times more ransomware attacks than the entire year of 2015.
Departments in Durham, N.H, Cockrell Hill, TX and Collinsville, AL have all been hit by cyberattacks. The police chiefs heading those departments decided not to pay the ransom demanded when they were hit. All of them lost files. In the case of Cockrell Hill, documents, videos, and photos from the previous 8 years were lost. Ongoing cases and investigations during the time of the attack were at risk of losing essential pieces of evidence.
Our justice system rests on the assumption that a suspect is innocent until proven guilty. That puts the burden of proof on the investigative power of the state to put criminals away. When troves of evidence face elimination from cyberattacks, our entire justice system is compromised.
Ransomware presents a dilemma there are no easy answers to. Paying the ransom encourages more attacks. But failing to do so risks losing evidence that may be essential to keeping hardened criminals off the street. Additionally, evidence that may have been altered in an attack may become inadmissible in an investigation.
Old systems are most vulnerable
As you might imagine, outdated systems generally make the best targets. This puts smaller departments with less budget to allocate towards cyber security at heightened risk. One of the best, most affordable ways to avoid an attack is to just stay vigilant, and use common sense when opening strange emails.
By doing so, you decrease the chance of a cyberattack and help your department stay focused on putting bad guys in jail. The Department of Homeland Security published some simple things you can do to avoid certain cyber attacks.