A group known for hacking law enforcement agencies demanded that the Grapevine Police Department seek murder charges against an officer. “Spambots” brought down the Dallas Police Department’s website for a day. And the Cleburne Police Department fended off five cyberattacks.
Experts say that “hacktivists” increasingly might be targeting police departments in response to several controversial police shootings, and that the departments often have trouble playing defense against hackers whose skills are constantly improving.
“With these hacktivists, there’s an ax to grind or a cause to promote that they want to make a public statement about,” said Stephen Ward, of iSight Partners, a Dallas-based cyber-intelligence firm.
A recent video posted to the Grapevine Police Department’s Facebook page, for example, referred to a controversial shooting of an unarmed Mexican citizen by one of its officers in February. A computerized voice ordered the release of a dash cam video showing the shooting. It also demanded that the officer be charged with murder.
“We are tired of your lies,” said the narrator. “We are tired of your cover-ups.”
An international hacking group known as Anonymous claimed responsibility.
Grapevine police said they view the video as a threat. After it was posted in late April, they warned officers to be careful opening emails and to log off computers after their shifts.
Anonymous is known for hacking law enforcement databases and publishing private information. It claimed responsibility for posting the names and addresses of a high-ranking police official’s family in Ferguson, Mo., after a white officer shot a black teenager in August.
“We know that they are a group that’s known for breaking into computer systems and breaking into networks,” said Grapevine Police Sgt. Robert Eberling. Beyond the Facebook posting, Eberling said that there was no sign that Anonymous tried anything more.
Eberling said the department didn’t release the video since the Tarrant County District Attorney had ordered that it be kept under wraps until a grand jury decided what to do with the case. The video was released late last month after the grand jury declined to charge the officer.
Closer to home
The Dallas Police Department’s computer system has been targeted twice.In February 2012, hackers breached the department’s internal server and stole the usernames and passwords for several officers. No cases were compromised, police said.
The city later disposed of the corrupted server and bought a new one, said Tony Aguilar, one of the city’s cybersecurity experts.
And in December, hackers overloaded the Dallas police website with “spambot” activity, what’s also known as a denial of service attack. It was down for about a day.
Many other law enforcement agencies nationwide experienced similar attacks about the same time, Aguilar said. He said he believes those were linked to protests in Ferguson.
The city took the police website’s servers offline for a day and tried to block the IP address that appeared to be the source of the malware.
“It’s better to bring an entire system down and isolate the cause versus bringing up another system right away,” Aguilar said. “Because if you do that, they’re just going to hack that one.”
Authorities weren’t able to determine who was responsible. Even if they had, police aren’t certain that a crime was committed because internal systems were not breached and nothing was stolen, said Maj. William Humphrey, who oversees the department’s cybercrime division.
Cleburne city officials faced a cyberattack in October after a video of a Cleburne police officer fatally shooting a dog attracted hundreds of thousands of views online. Hackers launched five unsuccessful attacks on that city’s computer system, Mayor Scott Cain said.
Federal authorities traced the attacks to an address overseas, but no suspects were identified, Cain said.
When hackers are based in other countries, or appear as though they are, U.S. authorities have a hard time pursuing a case, said Diana Dolliver, a cybercriminology professor at University of Alabama. Hackers are constantly evolving their technology and methods, experts say, and many companies and governments struggle to keep up.
Only about 80 countries have outlawed online misconduct. “The jurisdictional problems with cybercrime are almost unfathomable,” Dolliver said.
According to published reports, police departments in Detroit, the Boston area and Chicago suburbs have had their data seized by “ransomware.” Some departments, mostly smaller ones, have paid the ransoms because they lacked backup data and the demands were $1,000 or less.
Police in Tewksbury, Mass., for example, paid $500 to retrieve their data after hackers encrypted it on Dec. 8, according to the Boston Globe. Federal experts tried to find a way around the encryption, but after five days the department decided to pay the ransom.
“There’s a serious deficiency in the information security community’s ability to keep pace with the evolving threat,” Ward said.
©2015 The Dallas Morning News, Distributed by Tribune Content Agency, LLC.
