Multiple Ransomware Attacks Cut Off Police Access to Crime Database in Riverside, Ohio

The department lost access to the Ohio Law Enforcement Gateway on May 14 to shield the statewide system from damage and prevent data exposure.

by Will Garbe, Dayton Daily News / July 25, 2018

(TNS) — Riverside Police Department’s access to Ohio’s statewide system of law enforcement databases is suspended following multiple ransomware attacks on the city’s computers earlier this year, the Dayton Daily News has learned.

The department lost access to the Ohio Law Enforcement Gateway on May 14 in order to shield the system from damage and protect confidential information from exposure, a spokeswoman for Ohio Attorney General Mike DeWine said.

Frank Robinson, the Riverside police chief, said the department is largely unable to access “anything that has do with old reports or old cases” in Riverside. He said it is possible that some of the inaccessible reports are for still-open cases.

The gateway “basically holds our old reports,” Robinson said. “We can’t get those reports right now. We’re in the process of figuring out how to get those reports for us.”

In addition to records, the gateway system allows officers to quickly search a deep well of databases from police departments and other sources across the state and nation. Using a name, vehicle or tattoo description, address or image, the search function dwells multiple sources to yield useful information for officers.

Former Attorney General Jim Petro’s office launched a portion of OHLEG in 2003 and the system developed since then, adding new databases and tools as police departments joined the system. The gateway can be used for training, tracking the status of DNA tests and other evidence, sharing information among law enforcement agencies, identifying drugs, photo lineups, accessing warrants, prison inmate and parolee data, and other purposes.

While many of the records are public, the gateway offers police instant access around the clock and, in some cases, offers records that are beyond the scope of Ohio’s public records laws due to their confidentiality.

It is rare for a department to have its access suspended.

“It does not happen often,” said Jill Del Greco, DeWine’s spokeswoman. “The gateway’s “rules and regulations explain that (the Bureau of Criminal Investigation) reserves the right to revoke access to OHLEG in any event that could potentially put OHLEG information resources or data at risk.”

“Any time an agency loses access to OHLEG, we work with that agency to help them get back online,” Del Greco said.

Robinson said Riverside’s department is working toward restoring access in the next six weeks. In the interim, the department has sought other ways to get at information. One idea is to have a Riverside employee stationed at another police department to access information for the department.

Two ransomware attacks hit Riverside this year. Often, a ransomware virus holds hostage a computer user’s data in exchange for a ransom, often cryptocurrency or bitcoin.

The second attack, in May, was less damaging than the first in April that rendered about 10 months of police records inaccessible. Robinson said those records are still inaccessible.

“A lot of things that were on there we can still get because we have copies of them, or we’ve redone reports,” Robinson said. If a case moved to the justice system before the ransomware case, the prosecutor’s office would also have a copy of the files, he said.

Robinson warned other departments should take precautions to avoid becoming a victim of ransomware attacks.

“I think the biggest thing is to make sure that your IT service and all the information you have is locked down as secure as possible,” he said. “Nothing says someone still can’t get to it, but it’s important to make sure it’s locked down as much as possible.”

©2018 the Dayton Daily News (Dayton, Ohio) Distributed by Tribune Content Agency, LLC.