Like middle school children stuffed into their own lockers, the Tewksbury, Mass., police department resorted to paying off hackers who locked them out of their own computer files.

According to a Boston Globe report, Tewksbury's finest were the latest targets in a string of "ransomware" attacks, wherein hackers trick victims into downloading software that encrypts their entire computer. File encryption is a terrific way to keep intruders out of your computer, but in these cases, the hackers are the only ones with the decryption key:

At first, the problems with the Tewksbury Police Department system — difficulty calling up arrest and incident records — seemed to be just the usual system crankiness. No big deal.

But it persisted, and a technician was called in.

That was when the menacing message popped up on the screen, an explanation in the form of a ransom note:

“Your personal files are encrypted,” it read. “File decryption costs ~ $500.”

It continued: “If you really value your data, then we suggest you do not waste valuable time searching for other solutions because they do not exist.”

Ideally, ransomware targets will just tell their attackers to fuck off, because they've backed up their files as conventional wisdom has dictated for the past couple of decades. But the Tewksbury P.D. was not so lucky, or smart:

The cyberattack on Tewksbury police proved so sophisticated that specialists from federal and state law enforcement agencies — plus two private Internet security firms — could not unscramble the corrupted files. After five days of desperate efforts to unlock it, Tewksbury police decided to pay the anonymous hacker the $500.

The ransom was paid in bitcoin, of course, and will guarantee that the humiliating extortion technique is used over and over again in the future—because hey, it works!

Contact the author at biddle@gawker.com.
Public PGP key
PGP fingerprint: E93A 40D1 FA38 4B2B 1477 C855 3DEA F030 F340 E2C7