From Techdirt, by Tim Cushing
from the all-good-on-THIS-side,-assume-same-for-others,-etc. dept
Ransomware is everywhere. And it’s affecting everything, including critical systems. Sure, it’s kind of humiliating to be locked out of your smart TV, but hospitals are being locked out of patient records and –in a new twist — hotel guests are being locked out of their rooms.
Then there’s something like this, where the chain of evidence is disrupted by ransomware purveyors.
The Cockrell Hill Police Department lost video evidence and a cache of digital documents after hackers invaded the department’s computer system last month.
Stephen Barlag, Cockrell Hill’s police chief, said the incident was not the work of hackers, but acknowledged that the incident included a computer-generated ransom demand.
“This was not a hacking incident,” Barlag said in a news release Wednesday evening. “No files or confidential information was breached or obtained by any outside parties.”
[Rather entertaining to note WFAA’s opening sentence is immediately contradicted by the Police Chief’s statements. #journalism]
While it’s reassuring no evidence was obtained by outside parties, it’s not that much more reassuring to hear the owner of the data couldn’t access it either. The PD consulted with the FBI before coming to conclusion that the files might still be inaccessible even if it did pay the $4,000 ransom.
The department, however, is not being all that upfront about the possible negative effect this might have on criminal defendants, who might want to challenge the evidence against them or look through it for anything exculpatory. The department — despite admitting its backup was similarly infected — claims this is no big deal.
Barlag said of the lost files, “none of this was critical information.”
“Well, that depends on what side of the jail cell you’re sitting,” said J. Collin Beggs, a Dallas criminal defense lawyer who has a client charged in a Cockrell Hill felony evading case involving some of the lost video evidence.
This would be video evidence Beggs has been asking for since last summer — well before the PD’s files were wiped out by ransomware. It could be very critical information, despite Police Chief Barlag’s assertion to the contrary. What’s useful to a defendant is seldom viewed as useful by law enforcement. Hence the difference of opinion.
But even while stating nothing of (subjective) value was lost, Chief Barlag did admit there was a possibility that defense lawyers might be interested in finding out what evidence might no longer be available. And the department may not have made this loss public if it hadn’t needed to speak to defendants about its inability to secure relevant evidence.
Barlag said he didn’t know how much of of the digital material lost was evidence in pending criminal cases, but acknowledged that some of it was. He said no cases have been dismissed that he knows of because of the losses.
Well… yet. The infection wasn’t discovered until December 12th and the department didn’t go public until more than a month after that. So, news that evidence needed in prosecutions may not be available has spread very slowly. And the details of what’s recoverable makes it clear that the department values narrative over less-biased documentation. The police reports are retained in hard copy. Any recordings of incidents detailed in these reports are apparently backed up in a more haphazard fashion.
Some of the videos were backed up on CDs, but those that were not are lost.
No police reports, nor any criminal history information, was lost, Barlag said.
Comforting… for the police department. Not so much for criminal defendants, who are going to have an even harder time arguing against “our word vs. yours” assertions — which cops can back up with police reports while giving defendants nothing at all to push back with.