February 20, 2020
On July 6th 2017 the Murfreesboro TN police department and fire department reported a malware infestation of their local computer network and file servers. 19 computers were reported hit along with 2 file servers.
The report claims they were hit by the malware referred to as Wannacry. Wannacry is a ransomware attack, which works by encrypting the hard disk of infected systems and showing a message that tells the owner to send a random in bitcoins to a specific address, at which point the system is unlocked and files can be accessed again. It forces the person with the infected computer to pay to have their files unlocked. This sort of malware operates much like a virus in that it does infect a host system and attempts to spread across the network to any unpatched or vulnerable systems.
This form of malware attack has struck a number of businesses recently, but the only systems vulnerable to this sort of attack were likely to have been obsolete or lacking recent maintenance to the computers including security updates. It impacts windows systems only, however, patches are available even for versions as old as Windows XP to make the systems no longer vulnerable to attack.
There is currently no reporting available on the exact nature of the files lost, if they in fact lost anything, or why they lost anything as wannacry is an unlockable ransomware. If they did lose data it was likely by their own choice to not retrieve them. The Wannacry ransomware normally charges $300 per impacted system. That is obviously not ideal but is better than complete data loss. The modification of loss of data may impact many active cases in Murfreesboro, full information is not available as to the total scope of impact so far.
It has, however, been reported to multiple sources that the data is not retrievable, which would be unexpected if the attack was the Wannacry malware. Wannacry is a form of ransomware that is possible to unlock. The police department has reported that they can NOT retrieve the data, however, which is highly unusual.
“Most of the affected data is not retrievable, Norville reported, but MPD staff are working to restore the servers. “ – As reported in Daily News Journal. This would suggest either they did not pay the ransom, or this variant was in fact not the Wannacry malware. There is no disclosure on how many cases this affects so far.
If you have a case impacted by the Wannacry ransomware attack in Murfreesboro, TN contact me to go over your options in the case. The loss or modification of evidence caused by either negligence to update security or their choice to not retrieve files is not your fault. If your case is impacted, you need representation to argue that your legal rights are followed.