DC police department reports 'unauthorized access' on its server
The U.S. capital's primary law enforcement agency has reported "unauthorized access" on its computer network.
"We are aware of unauthorized access on our server," the Metropolitan Police Department of the District of Columbia said in a statement to ABC News on Monday. "While we determine the full impact and continue to review activity, we have engaged the FBI to fully investigate this matter."
Javed Ali, a former national counterterrorism director at the National Security Council, said the apparent ransomware attack "underscores the cyber vulnerabilities criminal groups and other malign actors continue to exploit."
"Various sectors across state and local governments have been targeted, including law enforcement agencies, hospital systems and educational facilities due to shortcomings in cyber defenses and other information technology gaps," Ali told ABC News. "Further, the lack of national-level standards on cybersecurity for key governmental functions at the state and local level complicates efforts to prevent these types of attacks or mitigate their effects."
The Metropolitan Police Department has over 4,000 sworn and civilian members serving Washington, D.C., making it one of the 10 largest local police agencies in the United States, according to its website.
Although investigators have not attributed the server breach to Russian hackers, federal authorities issued a warning earlier this week about continued cyber attacks by Russia to exploit networks in the wake of the so-called SolarWinds hack. In December, it was discovered that at least nine federal agencies were breached by what the U.S. government believes are Russian actors through software from Texas-based company SolarWinds.
In a statement posted on its website, SolarWinds said in December that it had provided two hotfix updates with security enhancements and that it would continue "to work with leading security experts in our investigations to help further secure our products and internal systems."
The FBI, the U.S. Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency said in an assessment Monday that Russian hackers "will continue to seek intelligence from U.S. and foreign entities through cyber exploitation, using a range of initial exploitation techniques that vary in sophistication, coupled with stealthy intrusion tradecraft within compromised networks." The federal agencies said the Russians "primarily target government networks, think tank and policy analysis organizations, and information technology companies."
According to the assessment, the Russians used tradecraft similar to SolarWinds and utilized the software to get into other networks and target individual emails at specific companies. The federal agencies urged companies to use multi-factor authentication and deploy monitoring techniques for internal networks.
"The FBI suspects the actors monitored IT staff to collect useful information about the victim networks, determine if victims had detected the intrusions, and evade eviction actions," the agencies said.
The FBI did not immediately respond to ABC News' request for comment.