Hackers target Mass. fire department's computers
Same virus that attacked a nearby police department, which encrypted data and demanded a ransom to provide the decryption key
SALISBURY, Mass. — The Salisbury Fire Department was recently struck by a computer virus that wiped out documents and forced the shutdown of its dispatch center for a time.
The department suspects it might be the same virus that struck the Tewksbury Police Department in December, which encrypted all its data, then demanded a ransom to provide the key needed for decryption.
"They paid the ransom," said Salisbury Fire Chief Rick Souliotis.
Since 2013, similar episodes have occurred in a number of law enforcement agencies nationwide. Some paid the ransoms, which range from $500 to $600, and received the code needed to get their information back in useful format, according to published reports.
Area police and fire chiefs say they are aware of the vicious virus and other types of hacker dangers and are taking all the precautions they can to ward them off.
Lawrence Acting Police Chief James Fitzpatrick said on Tuesday, officials at the Massachusetts State Police fusion center issued an alert on the matter and gave some guidance on what to do.
The fusion center was developed after the 9-11 terrorist attacks as an "intelligence clearing house," Fitzpatrick said. "They are a great resource," he said.
Fitzpatrick noted the police department's computer system is infused with the municipal computer system.
"It's not a stand alone system," Fitzpatrick said.
If the police department's computer system was hacked, "I wouldn't say it would cripple us, but it would effect us administratively."
"We'd have to go back to using index cards and stuff like that," Fitzpatrick said.
North Andover Police Chief Paul Gallagher said he has spoken with the town's IT director, Christopher McClure, about making sure the proper precautions are in place.
"What happened in Tewksbury was certainly a cyber crime," said Gallagher. "(Our officers) know to scan their computers for viruses and to not open any files from someone you don't know."
Although he's only been on the job since April 8, McClure said he has "quite a bit" of experience in working with public safety departments, including working with Hopkinton police at the beginning of the Boston Marathon.
"It's one of those things where it's impossible to make it 100 percent bulletproof, but I think we're doing the right things here," McClure said. "At the end of the day, it just comes down to training and helping people understand what they are doing (online). Just having good habits goes a long way."
Methuen Police Chief Joseph Solomon said his department's Twitter account has been the target of a hack in the past, and that he takes the responsibility of keeping records safe very seriously. The names of sexual assault victims, the addresses of people with a restraining order out on another person and juvenile records that are not public are some examples of sensitive information contained in police records, he said.
"It absolutely is a concern of ours because we’re the protector of the records and we wouldn’t want the records we protect to fall into the wrong hands," Solomon said.
Chief Souliotis in Salisbury said the problem began about two weeks ago, when his desk computer started acting strangely when he went to use it in the morning.
"We shut down the computer so we could reboot," he said. "When we turned it back on, it just started to download a ton of stuff."
The department called in its computer consultant, who went to work, Souliotis said, but nothing good resulted.
"He took my computer and cleaned it completely," Souliotis said. "I was getting emails like you wouldn't believe. He cleaned them all off the first day. The next day the emails started again and had to be cleaned off again. We didn't open any of the emails so I don't know what they said."
Things progressed from bad to worse, he said, causing the department to just shut down its computerized dispatch center.
"We started recording everything by hand on paper, the way it used to be done," he said. "We then put all those records in the computer now that we're up again."
And although the department has an automatic tape back-up system for its dispatch center, it doesn't automatically back up text documents. "I lost every (computer) document I ever had," Souliotis said. "It's unbelievable. Who would ever think someone would do that?"
What Souliotis and the town's consultant believe is that the department was hit with a cyber attack through a virus that entered the fire department's computer system through an email. The minute it was opened, the virus spread and corrupted everything.
Some agencies refused to pay the ransom, including New Hamsphire's Durham Police Department when the cyber-ransom virus hit there last June. Some lost everything, but Durham didn't because it had a good system for backing up all its data.
Experts scrubbed the Durham agencies computers clean, isolated and removed the encryption virus, then Durham's backed up files were reloaded. Down for a while, the department's computers rose to live again with all their files in place.
Whether it be an encryption virus for cyber-ransom, a file-eating cyber worm infection, or the sudden death of a hard drive, Salisbury's Souliotis doesn't really care. It all means the same thing, loss of valuable information needed to conduct public business for life-protecting agencies.
He said he's going to discuss new back-up options with Town Manager Neil Harrington. And he's also strongly suggesting that others learn from what happened at Salisbury Fire Department.
"Make sure you're backed up and protected as best you can," he said. "This is a serious virus, and you don't want to have it in your system. Trust me. I know what it can do."
Staff writers Angeljean Chiaramida, Jill Harmacinski, Garrin Marchetti and Lauren DiTullio contributed to this report.
Copyright 2015 The Eagle-Tribune
All Rights Reserved