Last year, a few days before the swearing-in ceremony of President Donald Trump, over 100 surveillance cameras in Washington DC went offline. The administration responded quickly to find out that a ransomware strain had penetrated the surveillance system. Surveillance cameras were reverted to their normal operations in a couple of days after concluding ransomware removal measures.
But ransomware activity was not just confined to the live feed. Four storage devices containing surveillance footage were also encrypted by the ransomware. The operators demanded $60,000 worth of Bitcoin for ransomware removal. However, the officials got back the access to the locked-down surveillance footage through their own ransomware removal protocols. In the following days, federal agencies extensively worked on nabbing the culprits behind the attack.
Law enforcement officials arrested a Romanian couple in connection with this ransomware assault. In December 2017, the federal prosecutors formally charged the couple for the crime after finding out their personal email accounts were accessed through affected police computers.
It is also important to note that the intentions of the charged cybercriminals were far more devious than what was initially believed. The files retrieved by law enforcement personnel suggest that they had a plan to target hundreds and thousands of other computers by sending out ransomware payloads through phishing emails. The couple owned a list of more than 170,000 email addresses. Investigators think that they might have purchased this information from the black market.
It has also been found out that they were running a shady business on Amazon to scam people. Luckily, the couple was arrested in Romania last year. Otherwise, there would have been more victims trying to disinfect their computers through ransomware removal measures. The couple is now facing cybercrime charges both in the US and Romania.