7 Investigates: Government Ransom

NEW BEDFORD, MASS. (WHDH) - Cybercriminals holding crucial government data for ransom and demanding taxpayer money. 7 Investigates found Massachusetts towns, school districts, and even law enforcement could be at risk of attack.

Just hours after the New Bedford fireworks ended on July Fourth, cybercriminals blasted the city’s computer network.

“The city, unfortunately, just wasn’t prepared for this attack,” said New Bedford City Council member Hugh Dunn.

New Bedford’s email system, and more than 150 computers, crashed in an instant.

“If a computer was on at the time of the attack, anything that was on that computer is just gone,” Dunn said.

Tons of data, crucial to running the city, was no longer accessible. Hackers held all of the data hostage and demanded a ransom of more than $5 million to give it back.

“This is definitely an epidemic,” Dunn said.

Attacks like the one in New Bedford are becoming so common, they have a name: Ransomware. City and town offices in Swansea, Tewksbury, Barnstable, Dighton, Melrose, Medfield, and Leominster have all been hit.

In New Bedford, city officials refused to pay the ransom. Instead, they spent hundreds of thousands of taxpayer dollars repairing the damage, though city officials say their insurance company paid the money back.

“It’s taxpayer money, and it’s really hard to explain to the taxpayers that you used their money to pay ransom,” said Allan Liska, senior security architect and intelligence analyst with Recorded Future in Somerville.

Liska said hackers break in through a digital doorway employees leave open when they use a computer network remotely. He ran an exclusive search for 7 Investigate, and found hundreds of computer systems across Massachusetts could be vulnerable to a ransomware attack.

“If we can see it, anybody can see it,” Liska said.

Liska’s search revealed at least 14 vulnerable networks belong to Massachusetts government agencies, including five school districts, four city governments, two state universities, and the Bristol County Sheriff’s Office.

“You can paralyze the agency,” said Bristol County Sheriff Thomas Hodgson, when asked about the risks of such an attack.

Hodgson said his office has added extra layers of security that should prevent a ransomware attack. Liska said many others need to do the same.

“It keeps your constituents safe,” Liska said.

Experts say the best defense is to not allow workers to connect to their desktops remotely, or to set up a more secure way for them to do so.

(Copyright (c) 2019 Sunbeam Television. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed.)