Ragnar Locker ransomware operators hit a police station in Antwerp, Belgium, making off with crime report files, investigation reports and personal information of police agents.
Then, in a twist that demonstrates the brazenness of today’s cybercriminal, the crooks demanded ransom – from the police.
The attackers had initially targeted the offices of the municipality of Zwijndrecht, but ended up hacking Zwijndrecht police, according to Bleeping Computer.
Ragnar operators have claimed responsibility for the attack, leaking samples of the stolen data on their name-and-shame blog on the dark web.
Belgian journalist Kenneth Dée, who broke the news of the attack, said the threat actors presumably infiltrated the Zwijndrecht police network by exploiting a poorly protected Citrix endpoint.
Local media reported that the hack exposed 18 years worth of data, collected by Zwijndrecht police from 2006 to September 2022, including investigation reports, fines, crime files (including images of child abuse), and files belonging to police agents, such as party photos.
“For the sake of clarity, it is specifically about the information on the administrative network,” Marc Snels, chief of Zwijndrecht police, relayed to local news station VRT. “It is not the case that all data has been leaked. That network mainly contains personal information of our staff, such as staff lists and photos of staff parties.”
"But it is true that there is sometimes sensitive information on that network, even though we always try to put it only on the professional network,” Snels continued, according to a Google translation of the VRT report. “Those are human errors. For example, fines and PVs have also been leaked. Also, photos of child abuse. That is very painful, of course."
In an exchange with Bleeping Computer, Dée said the leak also contains footage from traffic cameras, emphasizing that, “this is the largest law-enforcement leak in the history of Belgium and probably the most impactful leak we have ever seen in our country.”
The police chief confirmed to Belgian reporters that Ragnar operators asked for a ransom to keep the lid on the data, but the police refused to give in to their demands.
Belgian authorities are investigating the hack as the Zwijndrecht police have begun contacting people whose information has been leaked with instructions on how to handle any extortion or fraud attempts.
tags
Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.
View all postsDecember 19, 2024
November 14, 2024