Skip to main content

Not Even Police Can Avoid Ransomware – Back Up Regularly!

By February 9, 2017May 25th, 2021Cybersecurity

How’s your network security? Is it on par with police departments, which, you’d have to imagine, have fairly robust security?

If so, you’re still not safe.

Recently, police in Cockrell Hill, Texas, announced in a press release that they had been the victim of a ransomware attack that cost them dearly.

The hackers demanded $4000 USD to unlock their files, but the department’s’ IT staff determined that the best course of action was simply to restore the server’s files from backup.

Unfortunately, that proved to be problematic. A new backup was made after the infection, so the only files that were available were archived versions of the encrypted files, all bearing the “.osiris” extension.

The end result was that the department lost literally years’ worth of video footage and photographic evidence. These files were accessed by area lawyers to use in the prosecution of criminal cases. There’s no way to account for how much of an impact their loss will have, or how many cases that may go to trial sans this evidence could be impacted.
Although, of course, the police department has made statements hinting that the impact will be minimal, the reality is that there’s no way to know.

As part of the formal statement issued by the department, they announced that they had been infected by “Osiris Ransomware,” probably owing to the extension on the files.

If you own your own business, then you should be aware that this was a misnomer. There’s no need to inform your staff to be on the looking for Osiris Ransomware, because no such software exists. Additional research has revealed that the most recent version of Locky Ransomware encrypts files bearing the .osiris extension, and this is almost certainly what the Cockrell Hill Police Department was actually infected with.

Nonetheless, the event stands as another harsh reminder that no matter how good your security is, you’re still not safe. In this case, the infection was made possible when a department member opened an email that had been spoofed so that it appeared to be an official departmental communication.

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over the past 20 years. He believes that having a great work environment and supportive team, is the ultimate key to success. Since being in the IT realm for over 25 years, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his Bachelor Degree in Information Systems from the New Jersey Institute of Technology. He also holds certifications in Microsoft MCSE, VMWare VCP, and Cisco CCNA. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.