Maine Sheriff Todd Brackett’s first inclination when he learned part of his department’s computerized records management system had been taken over by ransomware was not to pay. “We’re policemen,” he said. “We don’t pay ransom.” Ultimately he — like Allegheny County District Attorney Stephen A. Zappala Jr. in Pittsburgh — did pay ransom, reports the Pittsburgh Post-Gazette. Brackett learned that the computer backup system for his department had not been working properly. Not paying the $360 ransom — to be paid in the online currency Bitcoin — would result in his losing nearly four months’ worth of reports. Everything from traffic accidents to felony sex assaults to officers’ evidence logs would be gone.
His story is one of many in law enforcement agencies across the U.S. as ransomware has grown exponentially in the last two years, from about five variations in 2015 to more than 100 now. “Small organizations are basically sitting ducks,” said Christopher Soghoian of the American Civil Liberties Union. “Many parts of the government, particularly at the state and local levels, struggle with technology.” Once ransomware gets into a user’s computer — typically by getting the user to click on a link or attachment in an email — the files become encrypted. That means the user cannot access them without getting a decryption key. To get the key, the criminals ask for a ransom, often between $300 and $1,000. Last year, the Allegheny County District Attorney’s office paid $1,400 for the decryption key for a computer that had been taken over.