Ransomware infiltrated the systems that were running NYPD’s fingerprint database. The infection took place in October last year, after a contractor connected to the network to set up a digital display, reported New York Post.
The incident led to the shutdown of the LiveScan fingerprint tracking system. Nonetheless, the good news is that the ransomware was not executed, meaning that there are no real consequences. However, the incident is quite alarming since a ransomware attack against the NYPD could be a real disaster.
The NYPD database is connected to the massive Statewide Automated Fingerprint Identification System which contains some 7 million files. If a ransomware infection is successful, all these files could be encrypted and the system could be offline for days.
The NYPD Ransomware Incident Explained
According to the New York Post, a contractor was setting up a digital display at the police academy in Queens, when he plugged in a contaminated NUC mini-PC. The device “transmitted an unidentified virus to 23 machines linked to the department’s LiveScan fingerprint-tracking system”.
The police quickly realized that there was a cybersecurity incident. Even though the ransomware never executed, the NYPD decided to shut down LiveScan and to reinstall software on 200 computers “out of abundance of caution”.
It is now known that the vendor, who hasn’t been identified, was questioned but not charged with malpractice.
While the NYPD was able to circumvent a ransomware infection, such breaches in public databases could have disastrous impact, and are indeed a growing concern.
An example of a recent ransomware infection against an organization is the attack against Pitney Bowes, a mailing equipment and services company based in Stamford, Connecticut, which was hit this October.
The company said that no customer data was compromised in the attack. According to the official statement, the company experienced an “outage” that affected their SendPro products, postage refill, and Your Account access. Even though no client data appears to be affected, many of the company’s online services were inaccessible as a result of the attack. Customers’ access to the postage supply web store was unavailable as we all the ability to automatically upload envelope-printing transactions from machines which in normal circumstances happens at least once a day.
According to RiskSense statistics, “ransomware cost businesses more than $8 billion in 2018. As a benchmark, the City of Atlanta which was hit by SamSam last year, incurred costs estimated to be in the range of $17 million.” The RiskSense report talks about the vulnerabilities that ransomware uses the most in attacks against companies and organizations.