This is a cache of https://yro.slashdot.org/story/24/08/30/227217/city-of-columbus-sues-man-after-he-discloses-severity-of-ransomware-attack. It is a snapshot of the page at 2024-08-31T01:11:51.416+0000.
City of Columbus Sues Man After He Discloses Severity of Ransomware Attack - Slashdot

The Courts

City of Columbus Sues Man After He Discloses Severity of Ransomware Attack (arstechnica.com) 14

An anonymous reader quotes a report from Ars Technica, written by Dan Goodin: A judge in Ohio has issued a temporary restraining order against a security researcher who presented evidence that a recent ransomware attack on the city of Columbus scooped up reams of sensitive personal information, contradicting claims made by city officials. The order, issued by a judge in Ohio's Franklin County, came after the city of Columbus fell victim to a ransomware attack on July 18 that siphoned 6.5 terabytes of the city's data. A ransomware group known as Rhysida took credit for the attack and offered to auction off the data with a starting bid of about $1.7 million in bitcoin. On August 8, after the auction failed to find a bidder, Rhysida released what it said was about 45 percent of the stolen data on the group's dark web site, which is accessible to anyone with a TOR browser.

Columbus Mayor Andrew Ginther said on August 13 that a "breakthrough" in the city's forensic investigation of the breach found that the sensitive files Rhysida obtained were either encrypted or corrupted, making them "unusable" to the thieves. Ginther went on to say the data's lack of integrity was likely the reason the ransomware group had been unable to auction off the data. Shortly after Ginther made his remarks, security researcher David Leroy Ross contacted local news outlets and presented evidence that showed the data Rhysida published was fully intact and contained highly sensitive information regarding city employees and residents. Ross, who uses the alias Connor Goodwolf, presented screenshots and other data that showed the files Rhysida had posted included names from domestic violence cases and Social Security numbers for police officers and crime victims. Some of the data spanned years.

On Thursday, the city of Columbus sued Ross (PDF) for alleged damages for criminal acts, invasion of privacy, negligence, and civil conversion. The lawsuit claimed that downloading documents from a dark web site run by ransomware attackers amounted to him "interacting" with them and required special expertise and tools. The suit went on to challenge Ross alerting reporters to the information, which it claimed would not be easily obtained by others. "Only individuals willing to navigate and interact with the criminal element on the dark web, who also have the computer expertise and tools necessary to download data from the dark web, would be able to do so," city attorneys wrote. "The dark web-posted data is not readily available for public consumption. Defendant is making it so." The same day, a Franklin County judge granted the city's motion for a temporary restraining order (PDF) against Ross. It bars the researcher "from accessing, and/or downloading, and/or disseminating" any city files that were posted to the dark web. The motion was made and granted "ex parte," meaning in secret before Ross was informed of it or had an opportunity to present his case.

  • by Local ID10T ( 790134 ) <ID10T.L.USER@gmail.com> on Friday August 30, 2024 @06:43PM (#64749910) Homepage

    Strategic Lawsuit Against Public Participation

    • Could argue whistleblower protection in that disclosing that the breach was worse than they played it off as.
      • Could argue whistleblower protection

        In America, whistleblowers go to prison or flee the country to avoid prison.

    • Yes, but as someone currently being sued in an over 200 page SLAPP suit [w9cr.net], you still have to defend it. I'm about 65k into this and 2+ years of time has elapsed. I've recently become aware of the same suit being filed by the same Plaintiff in another state now, but I've not been served in this new, parallel, litigation.

      The system assumes the Plaintiff's complaint is truthful and it is the responsibility of the defendant to prove otherwise. A defendant must pay for and retain expert witnesses to refute e

      • by Rhys ( 96510 )

        Krebs will pick it up and probably the EFF will step in. Possibly also the ACLU. The Streisand effect is going to be in full force and IT at the city is going to get screwed, but we can at least hope it also ends the political careers of those idiots.

        • Sadly today's EFF is not the EFF of 20 years ago. There's enough of these cases now that outside of somewhere like slashdot they don't make the news or if they do, get remembered, let alone bring any help to the affected party.
      • Many states have Anti-SLAPP legislation on the books, whereby a suit can be dismissed with prejudice with the filing of a (relatively) simple pre-trial motion by defendants.

        Ohio is not one of them. They did have bills before their house and senate this summer to implement such... but not yet. They do have a law on the books that allows defendants to recoup costs if they successfully defend against a SLAPP.

        It sucks that you are not in a jurisdiction with strong Anti-SLAPP laws. Good luck to you.

  • ...not being burned at the stake?

    Only individuals willing to navigate and interact with the criminal element on the dark web, who also have the computer expertise and tools necessary to download data from the dark web,

    ie, every scum-sucking crim out there...

    What universe do these chucklefarks live in? Oh, wait. Nevermind....

    • by sjames ( 1099 )

      They sound like the sort of people who call IT every morning to remind them how to turn the lights on in their office. Does that switch thingy go up or down, so many confusing choices!

  • by pr0t0 ( 216378 ) on Friday August 30, 2024 @07:34PM (#64750004)

    Ginther already claimed the data was encrypted or corrupted. If that's true, how can he claim Goodwolf is showing the data to people?

    Oh wait a minute. Was Ginther lying about the data? If so, then it wasn't Goodwolf who made the data public, it was the city.

    Ginther probably wanted to keep this quiet, but that doesn't make any sense either because the city is suing the security researcher. Now it's known in every security circle and tech web site on the planet.

    • by evanh ( 627108 )

      It's the oldest and most used form of cancelling in the book. Look what we can do if you embarrass us.

      And also the most hypocritical. But then that's one of the points I guess. We are hypocrites and we don't care because we don't need to follow the rules ourselves.

  • "Only individuals willing to navigate and interact with the criminal element on the dark web, who also have the computer expertise and tools necessary to download data from the dark web, would be able to" identify criminals, identify threats and uphold laws. That sounds a lot like what city council agents are doing.

    And bringing council's lies to light isn't remotely a crime. Covering up their mendacity is the real threat to public order.
  • Not a fan of this specific furry, but I'll give credit where credit is due.

    And the State trying to shut him up is only going to result in bad things for them. Furries will unite hard over common causes. Witness what was done after Dragoneer's recent death - almost 1/4 million dollars total raised, from under 4,000 people. [gofundme.com]

    Word will get out and furries will fund this one's defense, and counter-suit.

    Also, furries run the internet. Ohio just picked the wrong group to piss off, when it comes to matters of IT.

  • 'The motion was made and granted "ex parte," meaning in secret before Ross was informed of it or had an opportunity to present his case.'
    Well that certainly sounds kosher and above board. Amerikan, even.
    Good old "Guilty until proven Innocent". It saves So much time, huh?
