This was the “OSIRIS” variant of Locky and looked for about $4k in ransom. According to one article, the chief said. “Our automatic backup started after the infection, so it just backed up infected files” which sounds more like replication than backups. It could also be a gross misconfiguration of the backups, either way, the data is gone.
The press release states that this is the result of a phishing email, which is very typical of this sort of thing.
There is more info at the above links or here: https://blog.knowbe4.com/ransomware-infection-causes-loss-of-8-years-of-police-department-evidence
Erich Kron is the Security Awareness Advocate at KnowBe4, and has over 20 years’ experience in the medical, aerospace manufacturing and defense fields. He is the former security manager for the 2nd Regional Cyber Center-Western Hemisphere.