California county police confirms ransom payment to hackers

The San Bernardino County Sheriff’s Department in California has paid a $1.1 million ransom to a ransomware gang that encrypted its network in April. The Golden State has suffered a number of hacking attacks recently.

The department’s network was disrupted at the beginning of April. The police stated in a subsequent press release that the incident had affected a limited number of systems, including the California Law Enforcement Telecommunications System used by deputies to look up whether a person is wanted for crimes.

However, the department reported that it had quickly secured the network and began the investigation. The police also said the breach had not impacted law enforcement operations in San Bernardino County.

Overall, it seemed that the police weren’t overly worried about the incident. Now, we possibly know why. The sheriff’s department has confirmed that it paid a ransom of $1.1 million to the hackers who had inserted ransomware in some of the systems.

Negotiations took place, the county’s spokesman David Wert told The Epoch Times. But the country and its insurance carrier eventually agreed to pay the ransom so that the system’s full functionality could be restored. Officials also wanted to secure any data caught up in the breach as soon as possible.

According to Wert, authorities were prepared for such an attack – the country had obtained insurance coverage beforehand and had to pay $511,000 in ransom. The rest was covered by insurance.

San Bernardino County Police contacted the Federal Bureau of Investigations and the Department of Homeland Security when responding to the incident. While the FBI does not support paying a ransom and says so officially, doling out the cash was determined to be the “responsible course”, Wert said.

It’s unclear which ransomware gang was involved in the attack on San Bernardino police. However, in February 2023, when Modesto, another city in California, suffered a breach, Snatch, a gang known for its links to Russia, took credit for the incident.

As Cybernews reported initially, city networks had been down for a number of days, forcing the Modesto police department to embrace “old-school policing,” including the use of handheld radios, pens, and paper during patrols.

The Modesto attack happened to coincide with another ransomware attack on the nearby city of Oakland. That incident forced Oakland officials to shut down all municipal services for weeks, and in March, the Play ransomware gang made good on its threat to publish thousands of sensitive files it stole during the hack.