It was back in Q4/20 when the UK-based outsourcing company Serco were warned they were running with digital insecurities – something which was leveraged by the Babuk Gang when they exploited some of the said security weaknesses in Q1/21 with a Ransomware attack – followed by a public disclosure of the acquired data. Rumour has it that on this occasion a ransom was paid.
The Babuk Gang have yet again risen to adverse fame, this time by compromising the Washington DC Police Department with a successful Ransomware attack – and again acquiring data – very sensitive data, releasing and making public real-time information relating to investigations, and the contact details of multiple active and retired Police Officers – a situation which is of course potentially life threatening. See Fig 1. (Thank you to our external helpers.)
Fig 12 – Redacted – Babuk Gang Released Confidential Files
Whilst worrying, the Serco incident only compromised and released what was commercial information into the public domain. However, in the case of the DC Police Department we see highly sensitive operational intelligence being released into the public domain, with very real and dangerous implications.
The added concern is of course that, after such public disclosures, it is simply impossible to assess, even after a ransom may have been paid, what data has remained in the hands of the public and, in this case, of the dangerous criminal elements and Organized Crime Gangs (OCG) of society. But the bad news does not stop here – today an OSINT scan was run against 8 other US Law Enforcement Agencies, and they were also found to be wanting in the aspect of Digital Security.
To conclude, we have been warned of the cyber threat we are facing by the Head of the US Security Services, by the Government Executive in the US, and by the Cybersecurity Advisory published 26 April 2021 – yet still many Commercials and Government Agencies would seem to be running into the hands of the Babuk Gang, or other such hostiles like CozyBear, with the potential of future compromise, rather than doing the right thing – secure the assets!
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.