Technology Talk: Held Hostage: Steps for Avoiding Cybersecurity Incidents within a Law Enforcement Agency

It’s a law enforcement executive’s worst nightmare—a panicked call from staff in the middle of the night. What could it be? All of the agency’s 911 and communication capabilities, report writing systems, in-car technology systems, body camera systems, and digital evidence storage systems are off-line. The only thing visible to staff at each terminal is an image of a skull and padlock, along with a demand for $25,000 in virtual currency ransom due to some unknown person or group within 24 hours. The concerned staff member also advises that moving to agency backups didn’t work; they appear to have been affected by the ransomware, too. Multiple calls to the municipal information technology (IT) staff have gone unanswered and none of the vendors are open in the middle of the night. What can a chief do in this situation? Will the agency records be lost for good? How about evidence for important cases? What about the public’s trust in the agency’s ability to keep their data safe? What about the agency’s ability to respond to those who need help?