The Washington PostDemocracy Dies in Darkness

Hackers hit D.C. police closed-circuit camera network, city officials disclose

January 27, 2017 at 9:23 p.m. EST
Ransomware is proliferating, security experts say. (Kacper Pempel/Reuters)

Hackers infected 70 percent of storage devices that record data from D.C. police surveillance cameras eight days before President Trump’s inauguration, forcing major citywide reinstallation efforts, according to the police and the city’s technology office.

City officials said ransomware left police cameras unable to record between Jan. 12 and Jan. 15. The cyberattack affected 123 of 187 network video recorders in a closed-circuit TV system for public spaces across the city, the officials said late Friday.

Brian Ebert, a Secret Service official, said the safety of the public or protectees was never jeopardized.

Archana Vemulapalli, the city’s Chief Technology Officer, said the city paid no ransom and resolved the problem by taking the devices offline, removing all software and restarting the system at each site.

An investigation into the source of the hack continues, said Vemulapalli, who said the intrusion was confined to the police CCTV cameras that monitor public areas and did not extend deeper into D.C. computer networks.

Ransomware is malware that is said to be proliferating. It infects computers, often when users click on a link or open an attachment in an email. It then encrypts files or otherwise locks users out until they pay.

The D.C. hack appeared to be an extortion effort that”was localized” and did not affect criminal investigations, city officials said.

These hackers can hold a town hostage — and they want ransom.

On Jan. 12 D.C. police noticed four camera sites were not functioning properly and told OCTO. The technology office found two forms of ransomware in the four recording devices and launched a citywide sweep of the network where they found more infected sites, said Vemulapalli.

The network video recorders are connected to as many as four cameras at each site, she said.

“There was no access from these devices into our environment,” Vemulapalli said.

Interim Police Chief Peter Newsham said that police worked with OCTO but that the incident was limited to about 48 hours He said there was “no significant impact” overall.

City officials declined to say who they suspected in the attack.