Tewksbury Police Department Victim of Cyberterrorism

Last December the Tewksbury Police Department was forced to pay a $500 bitcoin ransom following a cyberterrorism attack on its computer system.

The Tewksbury Police Department’s network was infected sometime on Dec. 7, 2014 by the CryptoLocker ransomware virus that forced the department to pay the ransom before essential department files could be unencrypted.

Department systems were down a number of days in December while officials worked with State Police, the FBI, Homeland Security and others to help restore the data without paying the ransom, according to a Tewksbury Town Crier report.

But the department had no choice, but to pay. Software that runs the department could not be used due to the virus.

Tewksbury Police Chief Timothy Sheehan told Tewksbury Patch paying the ransom was a last resort to not run the risk of never being able to have the data decrypted.

“We certainly don’t advocate negotiating with cyberterrorists, but this happened to be the perfect storm where we felt we had to exercise our last resort option of paying the ransom and running the risk of never receiving the encryption key,” Sheehan says. “ We have made a number of security and storage changes as a result of this encroachment and we have done what we can to share our experience with other municipal police departments to prepare and hopefully spare them from this menacing virus.”

It all started when one department computer on the department’s network was infected with the ransomware program CryptoLocker, a ransomware trojan that targets computers and when activated encrypts files stored on both local and network drives. The computer infected had access to vital records within the Police Department, making them unreadable.

CryptoLocker can infect via email. Once infected, the malware displays a message which offers to decrypt the data if payment is made by a stated deadline, while restricting access to the systems it has infected. In many cases, like Tewksbury, the payment is made. If payments are not made by the deadline, that offer goes up.