Stories
Slash Boxes
Comments

SoylentNews is people

posted by Fnord666 on Friday April 30, @09:31AM   Printer-friendly [Skip to comment(s)]

Cyber-attack hackers threaten to share US police informant data:

Washington DC's Metropolitan Police Department has said its computer network has been breached in a targeted cyber-attack, US media report.

A ransomware group called Babuk is reportedly threatening to release sensitive data on police informants if it is not contacted within three days.

The FBI is investigating the extent of the breach, US media reported, citing the Washington DC police department.

[...] On Monday, Washington DC's police department said in a statement that it was "aware of unauthorised access on our server", AP news agency reported.

"While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter," the statement added, without providing further details of the reported breach.

It is not clear if attackers managed to lock police out of their systems during the breach.


Original Submission

Display Options Threshold/Breakthrough Reply to Article Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 2) by PiMuNu on Friday April 30, @09:40AM

    by PiMuNu (3823) Subscriber Badge on Friday April 30, @09:40AM (#1144679)

    Cyber attack is a state-supported business...

    https://www.bbc.co.uk/news/technology-56933733 [bbc.co.uk]

    I wonder if we can get the Ruskies on world trade organisation/government subsidies rules?

    https://commonslibrary.parliament.uk/research-briefings/sn06775/ [parliament.uk]

    > World Trade Organisation Agreement on Subsidies and Countervailing Measures:
    >
    > Under the [WTO] Agreement, some subsidies are prohibited outright while the rest are ‘actionable’ – meaning that the subsidy is allowed, but other countries can take certain actions if the subsidy harms
    > them. Countries can protect their industries by taxing imports of the subsidised good – this is known as imposing a ‘countervailing duty’.

  • (Score: 1, Insightful) by Anonymous Coward on Friday April 30, @11:54AM (17 children)

    by Anonymous Coward on Friday April 30, @11:54AM (#1144689)

    There’s no need to keep informants real names on file. I would expect it to be something along. The lines of [informant handlers real name] informant Sketchy Steve, Joey Ratface, and Molly the Crack Whore.

    • (Score: 2) by Mojibake Tengu on Friday April 30, @12:21PM

      by Mojibake Tengu (8598) on Friday April 30, @12:21PM (#1144691) Journal

      Someone has to keep a notepad listing of which nickname in a secure database without real names is which actual real person.

      --
      The edge of 太玄 cannot be defined, for it is beyond every aspect of design
    • (Score: 2) by Spamalope on Friday April 30, @12:28PM (3 children)

      by Spamalope (5233) on Friday April 30, @12:28PM (#1144694) Homepage

      My first question is 'Is the real risk that informants are as real as women on dating websites like Ashley Madison?'
      While we're asking, how many 'informants' who are actual people are either friends and family of law enforcement/legal system or are being paid (or extorted) in some form? (extorted ex: Your sentence will be years longer unless you 'inform' on this person you never met before. If it's provable that they never met, then they're put in the same jail cell and the 'informant' reports the person being railroaded confessed... ofc security system recording exists so it's just word of the 'informant')

      • (Score: 1, Informative) by Anonymous Coward on Friday April 30, @03:32PM (2 children)

        by Anonymous Coward on Friday April 30, @03:32PM (#1144739)

        There have been many, many documented cases over the years of paid informants being prompted by police to give bogus information to 'help along' a case. 'Anonymous tips' are another popular way police provide themselves with grounds to raid someone.

        • (Score: 0) by Anonymous Coward on Friday April 30, @04:09PM (1 child)

          by Anonymous Coward on Friday April 30, @04:09PM (#1144753)

          Thanks for the anonymous tip, AC.

          • (Score: 0) by Anonymous Coward on Friday April 30, @08:36PM

            by Anonymous Coward on Friday April 30, @08:36PM (#1144870)

            here that would be a sock puppet.

    • (Score: 2) by Immerman on Friday April 30, @01:31PM (11 children)

      by Immerman (3985) on Friday April 30, @01:31PM (#1144706)

      I suspect you're making the same mistake as the ransomers - thinking that the police care about their informants enough to try to protect them. I mean, I'm sure they'll be annoyed at having to find new informants when some turn up dead, but annoyed enough to sacrifice some of their work-party slush fund to protect criminals?

      If they even consider paying the ransom it will likely be because of the worry that their exposed informants will be fed misinformation - but they probably worry about that anyway. And that they'll have difficulty recruiting new informants once word gets out that they hung the old ones out to dry. The again my understanding is that most informants enter the "business" because the police have leverage on them, so a bit more evidence they may get screwed over probably won't make much difference.

      Love to be proven wrong, but I'm not holding my breath.

      Of course, now it's public, so I suppose there's two other factors in play as well: public approval ratings may suffer if they do nothing (would they care?), and the whole "don't (publicly) negotiate with terrorists/ransomers/etc. because it will encourage further attacks in the future" reasoning is now relevant.

      • (Score: 2) by looorg on Friday April 30, @01:54PM (9 children)

        by looorg (578) on Friday April 30, @01:54PM (#1144714)

        Snitches gets stitches. They would need to be protected cause otherwise nobody would want to ever inform again. It would make it a lot harder for LEO to do any kind of investigations. If you remove all human assets all that then remains is forensic investigations and (mass-) surveillance. From my knowledge people chose to inform for various reasons, some do it cause they want to lower their own sentences, some do it to get rid of competition, some do it for risk management (other criminals are bad for business), some do it cause they found Jebuz, some want to leave the life of crime behind them (bridge burning), some do it cause the crimes committed was so revolting that it even clashed with their own codes and morality. So the reasons are multiple and varied. Some don't even need to be leveraged or coerced and they can't stop talking or spilling the beans fast enough once they are alone with LEO. Some people just like to talk, keeping up the criminal facade is hard and taxing.

        That they keep the real names for informants around is not that strange, they need to keep the record for legal and practical reasons. Say what if the handler dies then if nobody knows about the informant that part just goes cold and dies with them. It's also just as they keep records with real names of people that get cover identities and new identities. If they can't keep those hidden it is equally bad for similar reasons. The system depends on them and require them, informants are an integral part of modern law enforcement.

        • (Score: 2, Interesting) by Anonymous Coward on Friday April 30, @02:55PM (2 children)

          by Anonymous Coward on Friday April 30, @02:55PM (#1144734)

          People are *always* going to inform, and you gave several reasons already.

          I'm waiting for the FBI to get hit; releasing a list of people's spouses, friends and neighbors that have shopped them to the Stasi for their political beliefs.

          • (Score: 0) by Anonymous Coward on Friday April 30, @06:59PM (1 child)

            by Anonymous Coward on Friday April 30, @06:59PM (#1144824)

            I'm waiting for the FBI to get hit...

            Why? That's fucked up. Let's hit rich politicians and their donors and lobbyists, and then the cartels, and Russia/China. Let's see what turns up there. These "breaches" are bogus false flags, I mean, they are happening, but only certain targets? That's bullshit. I wanna see the juicy stuff

            • (Score: 0) by Anonymous Coward on Saturday May 01, @11:43PM

              by Anonymous Coward on Saturday May 01, @11:43PM (#1145240)

              I wanna see the juicy stuff

              Wanking doesn't work anymore for you?

        • (Score: 0) by Anonymous Coward on Friday April 30, @02:56PM (2 children)

          by Anonymous Coward on Friday April 30, @02:56PM (#1144735)
          Doesn’t follow that informant names need to be stored electronically. Sometimes pater in a safe is better.
          • (Score: 0) by Anonymous Coward on Friday April 30, @04:13PM

            by Anonymous Coward on Friday April 30, @04:13PM (#1144756)

            Bit then how can you do the AI magic on them to predict their shoe size?

          • (Score: 0) by Anonymous Coward on Friday April 30, @04:20PM

            by Anonymous Coward on Friday April 30, @04:20PM (#1144760)

            A truism of government is that everything is going to get filed according to requirements established by someone else.

        • (Score: 2) by Immerman on Friday April 30, @08:32PM (1 child)

          by Immerman (3985) on Friday April 30, @08:32PM (#1144868)

          >They would need to be protected cause otherwise nobody would want to ever inform again.

          How many people *want* to inform now? Some may be in it for the money, but getting found out is always a risk, and I have a feeling most are in it to avoid prosecution for their own crimes. Like I said, leverage. And faced with the choice of doing time today, or maybe eventually getting found out as a snitch if hackers "liberate" their records, I suspect most will continue to snitch. After all, they're already running a probably much higher risk of getting found out through more traditional means - what percentage of US informants are affected by this instance?

          • (Score: 2) by looorg on Friday April 30, @10:07PM

            by looorg (578) on Friday April 30, @10:07PM (#1144913)

            I don't know. It's like asking how many people want to be crack-whores or just criminals in general. Few people probably grow up wanting to, beyond some childhood fantasies of being an outlaw or whatnot. If they had choices they would hopefully have made other, better, once. Sure one can consider this whole information game as part of the criminal life or game. Most, or some, of them will probably be found out for other reasons then this leak. After all it's a stressful life to constantly have to be on guard and lie all the time, certainly so when you surround yourself with violent people that doesn't appear to have normal impulse control. But at least then it wasn't, hopefully, due to LEO or some database that had not been secured properly.

            In some regard there is a flip side then to the issue. Are you, you you or some more general you, ok with those people that did chose to inform, for some reason probably not altruistic, are then murdered due to some hackers releasing (or selling/blackmailing/whatever) their names? They, probably, did help out the public by informing, just not out of any ideas of common good etc. Is it to be considered a normal part of the risk of being a criminal? Being fucked over by other criminals. Is it the police that are to blame for not being tech savvy enough to keep up with all the zero-day exploits? Is it the manufacturer of the database that released some buggy piece of crap? Or is it the hackers that "liberated" the information and then chose to share it no matter the cost of life? There might be blame enough to go around. I'm not quite certain it's as easy to assign blame, even tho I would probably assign more of it to the last group then the first group mentioned.

        • (Score: 0) by Anonymous Coward on Saturday May 01, @01:21PM

          by Anonymous Coward on Saturday May 01, @01:21PM (#1145104)
          If I'm gonna snitch I'm going to do it anonymously. To me the police aren't much better than many gangsters. So the less I interact with them the better.
      • (Score: 0) by Anonymous Coward on Friday April 30, @02:45PM

        by Anonymous Coward on Friday April 30, @02:45PM (#1144732)

        The cinicism is strong with this one.

  • (Score: 2, Funny) by Anonymous Coward on Friday April 30, @03:33PM (2 children)

    by Anonymous Coward on Friday April 30, @03:33PM (#1144740)

    IANAL. I wonder, what is the police's LIABILITY for information that they are supposed to protect?

    Can they be sued or otherwise held accountable for this information getting out?

    Did they take "reasonable precautions" to protect the information?

    How does that affect their liability?

    • (Score: 4, Insightful) by AssCork on Friday April 30, @04:28PM (1 child)

      by AssCork (6255) on Friday April 30, @04:28PM (#1144764) Journal

      Can't sue the gov't w/o permission from the gov't.
      Good luck getting a judge to let someone sue the PD.

      --
      Just popped-out of a tight spot. Came out mostly clean, too.
      • (Score: 2) by PiMuNu on Friday April 30, @06:18PM

        by PiMuNu (3823) Subscriber Badge on Friday April 30, @06:18PM (#1144812)

        The judiciary is not the legislature, nor is it the executive. That's the whole point of the American constitution.

  • (Score: 3, Insightful) by MIRV888 on Friday April 30, @05:28PM

    by MIRV888 (11376) on Friday April 30, @05:28PM (#1144792)

    It feels like almost all of our systems are compromised by Russia, China, and even NK.
    I sure hope we've done the same, but more discreetly.
    If computers run everything, then computers are the ultimate weapon.

(1)