Recently, a U.S. police department was targeted by Cryptolocker. Cryptolocker is a form of ransomware that encrypts the victim’s files, then demands a ransom fee for the decryption key. Unfortunately, the police department failed to maintain a data backup and disaster recovery system. With determination to retrieve important files, the police department decided to pay the ransom.
Following the instructions given by Cryptolocker, the police department bought two Bitcoins, worth $750, on November 10th. According to the department, paying the fee resulted in the cybercriminal sending the decryption key. This unfortunate event could have easily been avoided with proper backup and recovery systems.
Cryptolocker brings growing concern regarding the scale and success of the ransomware. In addition, paying the ransom tends to encourage the developers of the ransomware. To avoid this, police departments must ensure adequate backup and disaster recovery systems are in place.
The Importance of Data Backups for Police Departments
With data backups, there’s no need to pay the ransom. The department will have access to all of their files stored onsite and/or offsite. It’s important to consider maintaining both an onsite and offsite backup system. Onsite storage involves storing important data on a local storage device, such as a hard drive. Offsite storage involves storing important data on a remote server. Offsite storage has the advantage of being located away from the main office, which is helpful in the event of theft or natural disaster.
Commission on Accreditation for Law Enforcement Agencies (CALEA) Requirements
CALEA was enacted by Congress on October 25th, 1994 with the intent to enforce three policies: to preserve a capability for law enforcement agencies to carry out properly authorized intercepts, to protect privacy while using powerful and revealing technologies, and to avoid obstructing the development of new technologies and communication services.
According to CALEA standard 82.1.6, agencies are required to implement, maintain, and secure a data backup and offsite storage system for their law enforcement data. Each agency must also enforce regular scheduled backups, advanced security, and system integrity.
Police departments are required to maintain backups, in order to comply with CALEA requirements. With the increasing use of technology, it’s important to be aware of the laws and regulations regarding your industry. Police departments must maintain the security and confidentiality of all law enforcement data.
CITOC is here to help law enforcement agencies with their IT service and support need including CALEA standard 82.1.6. If your law enforcement agency or police department needs the best in services and computer data backup services, give us a call. We can be reached at (713) 490-5000 or email us at firstname.lastname@example.org.