Threat actors are compromising email accounts belonging to law enforcement officers as an uptick in ‘hack the police’ activity is reported by threat intelligence experts at Resecurity. In an online report dated 6 July, the U.S.-based security company reveals how different threat methodologies have been employed to increasingly good effect in the first half of 2022. The report says that compromised law enforcement email accounts have been used to send fake emergency data requests (EDRs) to organizations such as Apple, Facebook/Meta, and Snapchat.
Resecurity further says it has evidence of “multiple marketplaces in the Dark Web where cybercriminals have monetized accounts and credentials belonging to police officers of various foreign countries.”
Cyber-espionage behind most hack the police threats
As reported by Security Affairs, when it comes to hacking the police and law enforcement agencies in the broader sense, the typical threat scenarios are:
- Cyber-espionage (40%)
- Unauthorized access (25%)
- Hacktivism (15%)
- Data theft (12%)
- System and application abuse (8%)
Police hack-attacks are a ‘significant risk to our society’, report warns
Resecurity warns that the “visible security of law enforcement IT infrastructure” could create a “significant risk to our society” and concedes that both terrorist groups and extremists, alongside cyber-criminals, may be able to “leverage such access for malicious purposes.” What’s more, as cyber-espionage sits at the top of the pile, and given that some cyber-criminal groups are known to collaborate with state-supported actors, state-sponsored attacks cannot be left out of the risk equation.
Some of the threat examples listed include Conti actors targeting an intelligence agency in Peru, hundreds of thousands of leaked emails from the Republic of Nauru Police being published, and the most recent case of more than a billion citizen data records allegedly held in a hacked Shanghai Police database being offered for sale.