US recovered millions in ransom from Colonial Pipeline hackers

The software these criminals use is called ransomware.

After the JBS attack, US President Joe Biden said last week that he was "looking closely" at possible retaliation over the cyberattacks.

The report, published by the nonprofit Institute for Security and Technology, estimated that almost 2,400 governments, healthcare facilities and schools were victims of ransomware attacks last year.

Calls are growing for the administration to direct US intelligence agencies and the military to attack the technical infrastructure that ransomware gangs use for hacking, posting sensitive victim data on the dark web and storing digital currency payouts.

In a statement Monday, Blount said he was grateful for the FBI's efforts and said holding hackers accountable and disrupting their activities "is the best way to deter and defend against future attacks of this nature". Its members have been hard hit by ransomware gangs during the coronavirus pandemic. If an attack does happen, victims are encouraged to work with law enforcement. A task force of more than 60 experts from industry, government and nonprofits issued a report in April that called ransomware "a flourishing criminal industry that not only risks the personal and financial security of individuals, but also threatens national security and human life".

"Take their infrastructure away, go after their wallets, their ability to cash out", said Philip Reiner, a lead author of the report. When the victim pays the ransom to free up the system, the affiliate keeps a majority of the payment, while DarkSide gets the rest. The FBI's list of most-wanted cyber fugitives has grown at a rapid clip and now has more than 100 entries, many of whom are not exactly hiding. Evgeniy Bogachev, indicted almost a decade ago for what prosecutors say was a wave of cyber bank thefts, lives in a Russian resort town and "is known to enjoy boating" on the Black Sea, according to the FBI's wanted listing.

American victims of the DarkSide ransomware gang can be found in the manufacturing, legal, insurance, health care and energy sectors, according to Abbate. They also share resources.

CNN reports that the US Justice Department will announce later today details of an operation to recover crypto that was paid in the Colonial Pipeline hack.

The disruptive power of the ransomware pandemic has also set in motion a series of actions, with the U.S. Federal Bureau of Investigation (FBI) making the longstanding problem a "top priority". "Trying to attribute to a person in cyberspace is not an easy task, even for intelligence communities".

Reiner said those limits do not mean the United States cannot still make progress toward defeating ransomware, comparing it with America's ability to degrade the terrorist group al-Qaida while not capturing its leader, Ayman al-Zawahiri, who took over after US troops killed Osama bin Laden.

"Ransom payments are the fuel that propels the digital extortion engine, and today's announcement demonstrates that the United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises", said Monaco.

The shutdown caused short-term fuel shortages and drew attention to the broader threat that the burgeoning ransomware "industry" posed to essential infrastructure and services.

The FBI was able to find the Bitcoin by uncovering the digital addresses the hackers used to transfer the funds, according to an eight-page seizure warrant released by the Justice Department on Monday.

US intelligence and law enforcement officials say stopping hacking attacks has become a national security priority, and the issue has raised tensions between the US and the Russian Federation. "This was an attack against some of our most critical infrastructure".

A US policy called "persistent engagement" already authorizes cyberwarriors to engage hostile hackers in cyberspace and disrupt their operations with code.

On May 7, the DarkSide ransomware gang sprang its attack against Colonial, which ultimately paid 75 Bitcoin (~$4.4 million) to its tormentors. Yet even as he was speaking from the White House in May, a different Russian-linked ransomware group was publishing thousands of secret documents belonging to the Washington D.C. police department.
