Police departments in Maine had no choice but to pay the $300 bitcoin ransom after their Burgess Computer system was infected with the Megacode ransomware.
The malware encrypted critical files and demanded the ransom in exchange for a decryption key to unlock them. It threatened that the files would be permanently destroyed if the bitcoins were not paid by the given deadline.
This marks the latest in a string of such incidents affecting police departments in the US. Although they are looked upon to protect the country, they have been powerless to defend against the malware. Bitcoin’s effectively anonymous model also makes it practically impossible to pursue the perpetrators after the ransom is paid.
Recently, the battle against another version of such malware, CoinVault, reached a turning point for the better when Kaspersky Labs and law enforcement agencies managed to get their hands on the decryption keys. But the victory may be limited to that one battle in a war against possibly dozens of variants.
Sheriff Todd Brackett said the team tried finding a way around it, but in the end realized they had only one choice. Normally, the hard drives would simply be wiped clean and offline backup files would be used, but this time, the backups weren’t working properly.
The virus was apparently downloaded when an executable e-mail attachment was opened. Brackett said:
“We’ll have more virus protection training where we go over how to tell if something might be a virus. Sometimes, it’s hard to tell, but you’ve got to keep an eye out for some of these documents that people [email] you. Sometimes it can be hard to tell if it contains a virus.”
The department believes that no private data was stolen.
The FBI is offering a multi-million dollar reward for the apprehension of the ransomware perpetrators. For now, the perpetrators clearly have the upper hand. Alternative measures, including adequate backups and anti-malware software, are the best bets.