When a Columbus cybersecurity expert gained access on the dark web to a trove of police, citizen and general city data, some of it was encrypted — rendering it unreadable and virtually useless to him — while lots of it was not, and could be downloaded and immediately read and understood.
David L. Ross Jr., who goes by “Connor Goodwolf” when dealing with dark web issues, told The Dispatch on Aug. 29 that he suspects that a large portion of the city’s data that was stolen by a foreign cybercriminal group and posted online for the world to see wasn’t encrypted by the city at all — which, if true, would be akin to shabby and reckless IT planning, according to experts.
Last Thursday — the day after Ross made these comments to The Dispatch — Columbus City Attorney Zach Klein filed a lawsuit against Ross in which he successfully secured a restraining order prohibiting Ross from accessing, downloading or disseminating any stolen city data.
Mayor Andrew J. Ginther’s office on Tuesday did not say whether all the files stolen were encrypted, or converted into secret computer code to prevent unauthorized access for anyone without the keys to unlock the data jumble.