Cyber Incident Victim: Newark Police Department
Date: Apr 2016
Location: United States of America
Summary
A virus infected the Newark Police Department's computer systems, requiring four days to remediate with assistance from federal, state, and county authorities. The attack temporarily locked servers and disrupted access to crime data analysis tools, though emergency services remained operational without evidence of data compromise. Following the incident, the department implemented unspecified additional security measures to prevent future attacks. This event mirrored broader cybersecurity challenges faced by emergency services, exemplified by a contemporaneous ransomware incident affecting a Los Angeles hospital's network.
Description
A virus infected computer systems at the Newark Police Department in New Jersey during the week preceding April 18, 2016, requiring four days to fully remediate. The infection temporarily locked down departmental servers, specifically blocking access to software used for tracking and analyzing crime data. Despite this disruption, the police department confirmed emergency services for citizens remained operational throughout the incident. Authorities found no evidence indicating any data breach occurred as a result of the attack. The department activated its incident response protocols, immediately engaging internal IT teams alongside external assistance from the Essex County Prosecutor’s Office, New Jersey State Police, and federal agencies to contain and eradicate the threat.

Collaborative efforts between municipal, county, state, and federal partners enabled the department to restore system functionality within the four-day remediation window. Following standard protocols, Newark Police formally reported the incident to the FBI, New Jersey State Police, and the Essex County Prosecutor’s Office. In response to the attack, the department implemented unspecified additional network safeguards designed to strengthen defenses against future infections. Officials deliberately withheld technical details about these security enhancements, citing operational security concerns to minimize the risk of aiding potential attackers. The incident highlighted vulnerabilities in critical public safety infrastructure, occurring months after a separate ransomware attack disrupted a Los Angeles hospital’s network earlier in 2016.
