
Hackers selling network access to multiple US police departments on dark web

April 2021 by Andrey Yakovlev, Security Researcher at IntSights

A comment by Andrey Yakovlev, Security Researcher at IntSights, highlights new research that has found threat actors selling access to the networks of various US government organisations, including access to the Chief of Police in various states and the VPN portal of a city in Arizona. This research comes after the news that the Washington DC police department suffered a ransomware attack by the Russian ransomware gang, Babuk.

“It’s simply another Monday for Russian hackers. Babuk is a relatively new ransomware group that does not target the Russian Federation or other CIS countries and hospitals (besides private plastic clinics and dentistry). They focus on Hyper-V and ESXi virtualisation technologies and accept only proficient partners. With that being said, the hack of the Washington DC police is a clear-cut gangsomware case, and usually in cases such as this one, there isn’t a lot of dark web chatter. Ransomware operators not only wait for a relevant application to come to an affiliate’s program, but they also actively monitor offers of access to internal networks, which are constantly being sold on the dark web. While there is no data from this particular breach on the dark web, threat actors are actively targeting police departments across the US. For example, we have seen that there has been one threat actor targeting US government institutions and police departments.

Our research has found that one of the sales from this threat actor was published in February and the hacker offered access to a VPN portal of a city in Arizona that included access to the City Court System, City Government, Police Department, Fire Department, Solid Waste, Recreation Services, Engineering Services, Utility Services, Library, Fleet Services, Airport, Finance, Street Maintenance, Animal Control, Human Resources, Legal and Information Technology.

The second sale offers access to "Chiefs of Police (US State disclosed to buyer)". The hacker also offers access to: "Sheriff’s Office in **, Ohio, USA", "(gov) County of **, Pennsylvania, USA", "(gov) County of **, Missouri, USA", "(gov) City of **, Georgia, USA", "(gov) City of **, Florida, USA", "(gov) County of ** Water District, Arkansas, USA".

Government organisations hold significant personal information on many people, some of whom may be high-profile personnel. Because of this, they are a prime target for threat actors and nation-state attackers alike.”
