Eleven narcotics cases against six suspected drug dealers were dropped after crucial evidence was lost in a ransomware attack. The attack hit the Stuart police department in Florida, US, in April last year. Since then, some data was able to be recovered from backups, but the evidence in the eleven cases could not be retrieved.
What Evidence was Lost
The evidence pertaining to the eleven cases is on computers at the Stuart Police Department. However, investigators haven’t been able to access the evidence because hackers locked the files. Given that the Stuart Police Department decided not to pay the ransom to unlock the files, the evidence in these files has been lost.
“Lost files included photo and video evidence,” said Detective Sergeant Mike Gerwan from the Stuart Police Department. Gerwan stated that the dropped cases included charges for possession of meth and cocaine, as well as for selling, manufacturing and delivering various narcotics. Consequently, the lost evidence could have put the suspected drug dealers in jail for many years.
How was the Police Department Attacked?
The Stuart Police Department was hit by a Ryuk ransomware attack in April last year and they are still recovering from it. An investigation “…determined how they got in was a spear phishing link,” explained Gerwan. “We also determined the virus was in our system for about two months before they revealed themselves with a ransom note.”
The ransom note demanded that the city of Stuart pay $300,000 in bitcoin to have their computer systems unlocked. However, the city refused to pay the ransom and consequently lost its files. The police department was able to recover some files from backup but not all.
The FBI recommends that victims not pay ransoms as this encourages cybercriminals to continue their attacks. The FBI also explains that hackers use one-third of the ransom they receive to invest in enhancing their ransomware software.
The Police Department’s Response
The Stuart police department has since trained its employees on how to identify phishing emails. Furthermore, the police department has changed the way they save and store their evidence.
Ransomware attacks have increased exponentially over the years and they have become increasingly more targeted and sophisticated. This has led to more and more police resources needing to be deployed to fight cybercrime. “When I first got in law enforcement, most of the crimes were person crimes, a little bit of property crimes,” Gerwan stated. “I believe that at the end of this decade, cybercrimes are going to make up a major percentage of the types of crimes that we investigate.”