Woman pleads guilty in cyberattack on DC police cameras before 2017 inauguration

WASHINGTON — A Romanian woman has pleaded guilty Thursday for the role she played in a ransomware attack that left more than 100 D.C. police surveillance cameras inoperable just days before last year’s presidential inauguration.

Eveline Cismaru, 28, admitted to taking part in an attack that infected 126 computers, which left police unable to access two-thirds of the department’s cameras, according to court records.

The attack happened in 2017 between Jan. 1 and Jan. 12, and the computers were found displaying messages that demanded a combined $60,800 worth of the digital currency bitcoin for the police department to regain access to its computers.

Investigators found two different ransomware programs on the machines, as well as other malicious bulk email programs stocked with close to 180,000 email addresses. Hackers will use infected machines to send out emails from other servers, hoping to mask that the emails are coming from another country and infect more computers.

Cismaru was one of two people prosecutors said was behind the cyberattack. The second suspect, 25-year-old Mihai Alexandru Isvanca, also of Romania, remains held pending extradition, according to the U.S. Secret Service. The agency worked with D.C. police to find those responsible for the attack.

Cismaru was brought to the U.S. in late July, after she fled Romania while on house arrest, and was captured in the U.K. in March.

In a plea deal, Cismaru agreed to cooperate with prosecutors building a case against Isvanca. According to court records, it was Isvanca who introduced Cismaru to cyber criminal activity. Cismaru also said Isvanca was the one to gain access into the D.C. police department’s network and infect the machines that control the cameras.

The D.C. police department and the U.S. Secret Service, through computer forensics, were able to trace emails within the malicious programs back to Cismaru and Isvanca.

D.C. police were able to wipe the hard drives and redo all the infected computers before last year’s presidential inauguration, according to the Secret Service.

Cismaru, also in the plea deal, admitted to operating a fake business on Amazon.co.uk in which she would sell items she didn’t posses, and when ordered, she would use stolen credit cards to buy the item and send it to the purchaser.

Cismaru was charged with one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer fraud. She faces up to 25 years in prison at sentencing.

Like WTOP on Facebook and follow @WTOP on Twitter to engage in conversation about this article and others.

© 2019 WTOP. All Rights Reserved. This website is not intended for users located within the European Economic Area.

More from WTOP

Log in to your WTOP account for notifications and alerts customized for you.

Sign up