Police departments across the United States have been made easy targets for hackers who infect their computers, encrypt their documents and give them a deadline to make a payment.
Over the weekend, some Maine police agencies reported having to pay ransom to hackers in order to keep their files. In Tewksbury, Massachusetts the police chief said he paid a $500 bounty to get back the department's data.
The scheme has become more sophisticated over the past decade and has found a niche targeting law enforcement, according to Robert Siciliano, an online safety expert to Intel Security.
"It's a multi-million dollar business," he said. "They're getting paid and they're getting paid well."
Ransomware can infect a computer if the recipient clicks a dangerous link or downloads material masquerading as a benign attachment. Users with out of date browsers or no anti-virus protection are especially at risk, Siciliano said.
"When they are attacked they usually see a countdown screen, a clock counting down the time they have until the offer expires and their data is deleted," Siciliano said.
Paying overseas hackers to return data is made surprisingly simple with an online payment processing system that allows victims to seamlessly pay off the perpetrators.
The outcome is likely the only choice for police snared by the scam.
"If you stand to lose more than the ransom might cost, then certainly it’s a consideration," Siciliano said. "But the thing is, if you're proactive and backing up your data in multiple locations then you have less to worry about."