Clop is infamous for infecting its targets with ransomware, and for naming and shaming its victims on a Tor leak site. The group has moved over $500 million through its operations.
Clop Released Data After Dacoll Refused to Pay Ransom
According to the report, Clop targeted Dacoll with a phishing campaign and subsequently gained access to its data. It gained access to the PNC in the same attack, which holds the personal information of 13 million people. Clop demanded a ransom from Dacoll, which the latter refused to pay. Consequently, the hackers leaked UK traffic information on the dark web. The leaked information includes close-up images of motorists snapped for speeding. The images apparently came from the UK’s Automatic Number Plate Recognition (ANPR) system. Dacoll has not revealed the amount of the demanded ransom. Furthermore, it is unclear what other information Clop has access to, and could potentially leak in the future. In November this year, it was reported that INTERPOL carried out a covert operation to shut down crucial cogs in Clop’s operations. Titled Operation Cyclone, the campaign led to six arrests and numerous asset seizures.
Incident Raises Concerns About the Management of Sensitive Law Enforcement Data
Cybersecurity experts believe that the breach raises very serious concerns. Philip Ingram, security expert and former British military intelligence Colonel, said, “This is an extremely serious breach of a company providing a capability to police forces across the UK.” “The damage caused by this kind of data leak is unfathomable as it brings into question the cybersecurity arrangements that exist between multiple public and private organizations to manage sensitive law enforcement data,” Ingram added. As a matter of fact, NDI Technologies, which is one of Dacoll’s subsidiaries, “provides a ‘critical’ service for 90 percent of the UK’s police forces, giving officers remote access to the PNC.”
Statement From Dacoll
A spokesperson from Dacoll gave a short statement regarding the incident. “We can confirm we were the victims of a cyber incident on October 5. We were able to quickly return to our normal operational levels. The incident was limited to an internal network not linked to any of our clients’ networks or services,” the spokesperson said. Both the UK National Crime Agency and National Cyber Security Centre confirmed the incident, stating that they have extended their support to the affected parties. Phishing attacks are on the rise around the world. Cybercriminals rely on phishing campaigns to steal data like personal information, bank details, and more. For example, in a recent campaign, malicious actors targeted Netflix users in an attempt to steal their payment data. If you want to learn more about phishing and how you can protect yourself, check out our detailed article here.