Cyber Incident Victim: Belton Police Department
Date:
May 2022
Location:
United States of America
Summary
The Belton Police Department experienced a network disruption due to encrypted malware that blocked access to digital files and services, prompting an investigation into potential data compromise. Systems were isolated, with the FBI notified and forensic experts engaged to assist; authorities indicated affected systems likely contained public information but committed to notifying individuals and providing identity monitoring if personal data was exposed. Operational functions were restored using backup systems amid broader concerns about increasing cyberattacks targeting government entities.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 3 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On May 9, 2022, the Belton Police Department in Missouri experienced a significant disruption to its computer systems due to an encrypted malware attack. The malware infiltrated the department’s network, rendering digital files and services inaccessible and prompting an immediate operational response. Police Chief Scott Lyons publicly confirmed the incident, disclosing that the department had isolated affected systems to prevent further spread of the malware. Authorities initiated a review of cybersecurity protocols and launched an investigation to determine whether sensitive personal information had been compromised. The FBI was notified of the attack in accordance with standard procedures for cyber incidents involving law enforcement agencies. A third-party forensic firm was engaged to assist with the technical investigation and evidence collection. While the primary systems were compromised, backup systems enabled the restoration of critical operational functions, minimizing prolonged downtime.
The attack’s impact centered on the temporary loss of access to internal networks and digital resources, though no specific services or systems were named beyond general references to files and network functionality. Chief Lyons indicated preliminary assessments suggested the compromised systems primarily housed public information, but the investigation continued to verify whether personally identifiable information was exposed. The department committed to providing formal notifications and identity monitoring services to affected individuals if evidence of data exfiltration emerged. The incident highlighted growing cybersecurity risks to government entities, with malware attacks increasingly targeting municipal operations for data theft or disruption. This event occurred shortly after a similar malware attack disrupted government services and tax payment systems in Wyandotte County and Kansas City, Kansas, underscoring regional vulnerabilities. Belton’s response aligned with standard incident recovery practices, emphasizing containment, forensic analysis, and transparency regarding potential data exposure.