Russian hackers leaked confidential UK police data on the dark web after ransom demand was rejected

Classified information held by some British police forces has been stolen by Russian hackers in an embarrassing security attack, the Daily Mail reports.

The cybercrime group Clop has published on the so-called Dark Web some of the information it looted from Dacoll, an IT company that handles access to the nation's police computers (PNC) - and has threatened more to follow.

Clop allegedly launched a "phishing" attack in October that gave it access to information, including PNC, containing the personal information and records of 13 million people, and demanded a ransom from the company, Dacoll.Dacoll declined to disclose the amount of the ransom demanded.

It is unclear what additional - and possibly more sensitive - information Clop may have posted on the dark web that could have been stolen by the fraudsters (using file photos)

When Dacoll refused to pay, the hackers uploaded hundreds of files to the Dark Web, a hidden area of the Internet accessible only through a dedicated Web browser.

The files include videos of images of motorists that Clop appears to have obtained from the National Automatic Number Plate Recognition (ANPR) system. The videos include close-up images of the faces of drivers who were caught speeding.

It is unclear what additional - and possibly more sensitive - information Clop may be releasing on the dark web that could be stolen by fraudsters.

Like many ransomware groups, Clop sends "phishing" emails to employees (as shown in the file photo) that look real but actually contain sophisticated viruses.

This is an extremely serious breach of a company that provides services to police forces across the United Kingdom," said Philip Ingram, a national security expert and former colonel in British military intelligence. "

"The damage caused by this data breach is unfathomable as it calls into question the existence of cybersecurity arrangements between multiple public and private organizations to manage sensitive law enforcement data."

Dacoll, based in West Lothian, was founded in 1969 by electrical engineer Brian Colling, who repaired household appliances before serving in the RAF.

The 88-year-old has grown the company into a UK-wide IT solutions provider with 160 employees.

One of Dacoll's subsidiaries, NDI Technologies, provides "critical" services to 90 percent of the UK's police forces, giving officers remote access to the PNC.

Another Dacoll subsidiary, NDI Recognition Systems, provides IT support for the ANPR system used by the police, Highways England and the DVLA.

A spokesperson for the National Cyber Security Centre said, "We are aware of the incident and are working with our law enforcement partners to fully understand and mitigate any potential impact."

Clop has made millions of pounds from ransomware hacks over the past two years. Victims have included oil giant Shell, U.S. bank Flagstar and the University of California.

Like many ransomware groups, it sends "phishing" emails to employees that look real but actually contain a sophisticated virus that collects data when opened.

Faced with fears of a leak of sensitive material, some companies have paid ransoms, including US insurance giant CNA Financial, which reportedly paid $40 million (£30 million) earlier this year.

MoS revealed last month how Clop targeted Stor-A-File, a British data storage company whose clients include GP practices, NHS hospital trusts, local councils, law firms and accountants.

A National Crime Agency spokesman said last night: "The agency is aware of an incident affecting Dacoll and we are supporting the investigation."

A spokesman for Dacoll said, "We can confirm that we were a victim of the cyber incident on October 5. We were able to quickly return to our normal level of operations. The incident was limited to our internal network and was not connected to any of our customers' networks or services. "

From:On DarkNet – Dark Web News and Analysis
Copyright of the article belongs to the author, please do not reproduce without permission.

<<Pre Post
Next Post>>