The gang’s takedown, Bennett said, is a sign of what is coming. “The fact that it is basically being broadcast in a language, I think, is telling that that's the target audience that they're letting know that they got this,” Bennett said in an interview. John Bennett, a former senior FBI official who is now managing director of the Cyber Risk Business Unit at Kroll, a cybersecurity services company, noted that the seizure notice on Hive’s website, written in both English and a Slavic language, suggests it is aimed at an Eastern European audience. Officials would not say whether Hive had any known links to Russia. Roughly 75% of the ransomware attacks reported in 2021 had a nexus with Russia, its proxies or persons acting on its behalf, according to FinCen, which also says the top five highest-grossing ransomware tools used in 2021 were all connected to Russian cyberactors. banks and financial institutions processed nearly $1.2 billion in suspected ransomware payments in 2021, more than double the amount in 2020, the Treasury Department’s Financial Crimes Enforcement Network (FinCen) reported in November.
#Operation extortion crack#
The takedown represents a win for the Biden administration’s efforts to crack down on a recent surge in ransomware attacks that cost businesses and governments around the world billions of dollars a year. The FBI also distributed more than 1,000 additional decryption keys to previous Hive victims. In all, the FBI provided more than 300 victims with decryption keys, Garland said, among them a Texas school district, a Louisiana hospital, and a food services company that had been asked to make millions of dollars in ransom payments. “Simply put, using lawful means, we hacked the hackers,” Deputy Attorney General Lisa Monaco said. “We’re engaged in what we call ‘joint sequenced operations' … and that includes going after their infrastructure, going after their crypto and going after the people who work with them,” Wray said.įBI agents infiltrated Hive from July 2022 until its seizure, covertly capturing its decryption keys and sharing them with victims, saving the targets $130 million in ransom payments, officials said. While no arrests have been made in connection with the operation, FBI Director Christopher Wray warned that “anybody involved with Hive should be concerned, because this investigation is very much ongoing.”įBI Director Christopher Wray, with Deputy Attorney General Lisa Monaco and Attorney General Merrick Garland, speaks during a news conference at the Justice Department in Washington, Jan.
The hospital was able to recover its data only after paying a ransom, the attorney general said. In August 2021, at the height of the COVID-19 pandemic, Hive affiliates attacked a Midwest hospital’s network, preventing the medical facility from accepting new patients, Garland said. Garland said Hive affiliates targeted “critical infrastructure and some of our nation's most important industries.”
Hive used a “ransomware-as-a-service” model in which highly skilled developers build the malware and then recruit less-sophisticated affiliates to deploy them against victims. In a ransomware attack, hackers encrypt the data on a victim’s network and then demand payments in exchange for providing a decryption key. "But as I have said before, the Justice Department will spare no resource to identify and bring to justice anyone, anywhere, who targets the United States with a ransomware attack.” “Cybercrime is a constantly evolving threat," Garland said. 26, 2023.Īttorney General Merrick Garland and other top law enforcement officials announced the operation. Attorney General Merrick Garland speaks during a news conference at the Department of Justice in Washington, Jan.
0 kommentar(er)
