US Virgin Islands Police Department and Water & Power Authority suffer security incidents

• The ransomware attack at V.I. Police Department encrypted all the files stored in the department servers including the internal affairs records and citizen complaints.
• The Water and Power utility officials said that it fell victim to a Business Email Compromise scheme compromising $2.3 million.

Virgin Islands Police Department suffered a ransomware attack that crippled the servers containing internal affairs records and citizen complaints. In a separate incident, the Water and Power Authority lost $2.3 million in a Business Email Compromise (BEC) scam.

Ransomware attack

V.I. Police department suffered a ransomware attack in April 2019. The attack encrypted all the files stored in the department servers including the internal affairs records and citizen complaints.

• Upon uncovering the attack, the department took down all the servers.
• The department did not pay the ransom amount and is currently working with the FBI to recover the encrypted files.
• VIPD is also working in setting up its infrastructure in order to avoid compromise of any information.

The department acknowledged the attack in documents filed in U.S. District Court related to the ongoing federal consent decree designed to ensure that officers do not use excessive force.

What is the impact?

• The ransomware infection corrupted the VIPD’s networks and servers making the department unable to access “Blue Team” and “IAPRO” programs for several weeks and causing major work disruptions and delays.
• The backups of IAPRO system were also corrupted causing the department to install a new centralized version of IAPRO.

“The backups of the IAPRO system were corrupted and VIPD is working with the FBI to recover the information. The VIPD is working diligently to ensure that the system is fully operational and accessible.” the court report read, Government Technology reported.

BEC Scam

The Water and Power utility officials said that it fell victim to a Business Email Compromise scheme compromising $2.3 million. Scammers managed to swindle funds from the department via a fake email asking for transfer of funds to a bank account.

• Government House Communications Director Richard Motta said that the incident was reported to the FBI.
• Lawrence Kupfer, WAPA CEO said that the transfer of funds from WAPA to an unidentified bank account was also reported to the federal authorities.
• Since then, the WAPA is providing training to its staff on identifying suspicious emails.

“We have our staff report suspicious emails. We have seen some but we have quarantine mechanisms so they can be investigated further. Unfortunately, it’s our new reality,” Regina Petersen, Supreme Court Administrator said.

The Bureau of Information Technology is working with the Department of Homeland Security to enhance the security methods in monitoring the Virgin Islands government systems.

“BIT is working with Homeland Security to look at threats from their public facing domains,” Motta said, The St.Thomas Source reported.