The FBI infiltrated and disrupted a major cybercriminal group that extorted schools, hospitals and critical infrastructure around the world, federal officials said Thursday.

The group, Hive, is one of the most prolific hacker gangs in the world, having received about $100 million in extortion payments, according to a November warning from the FBI, Health and Human Services and the Cybersecurity and Infrastructure Security Agency. As of Thursday morning, its website on the dark web showed a message saying it had been seized by an international law enforcement coalition, including the FBI and Justice Department.

The FBI said it gained access to Hive’s computer networks in July 2022, acquiring decryption keys to more than 1,300 current and past victims, which helped prevent more than $130 million in demanded ransom money. Ransomware hackers extort victims by hacking into an organization, then either encrypting their files, rendering computers unusable, or stealing and threatening to leak those files. Previous ransomware attacks have resulted in the release of sensitive information about law enforcement officers and schoolchildren.

Those figures underscore just how large the ransomware crime ecosystem has grown. Jen Ellis, a co-chair of the Ransomware Task Force, a cybersecurity industry partnership to address ransomware, said that the takedown on Thursday was a major step, but likely wouldn’t stop Hive entirely.

The FBI did not announce any arrests, but is still investigating the group. FBI director Christopher Wray and Attorney General Merrick Garland announced the action in a press conference.

The takedown is a rare victory against a ransomware gang. Such groups often act with near-impunity in attacking targets in the U.S. and around the world.

“In the grand scheme of things, it probably won’t put Hive out of business, but it’s about attrition and cost,” Ellis said.

Ransomware gangs are often decentralized, with affiliate members who can be scattered around the world. But as is often the case with such groups, Hive’s core group spoke Russian, said Allan Liska, a ransomware analyst at the cybersecurity firm Recorded Future.

Russia does not extradite its citizens, and the White House has struggled to convince the Kremlin to take action against its international cybercriminals.

In a press conference following the announcement, attorney general Merrick Garland declined to comment about the Kremlin’s relationship with Hive.

The Treasury Department has estimated that in 2021, the most recent year for which it has public data, ransomware attacks cost U.S. organizations $886 million.

Michael Daniel, the president of the Cyber Threat Alliance, an industry group that acts as a clearinghouse of threat information between cybersecurity companies, said he expected the FBI’s takedown to slow the global ransomware threat.

“I would say the impact will be noticeable for a period of time,” Daniel said.

But law enforcement needs to be consistently aggressive against such hackers to make a significant impact, he said.

“What I think we need to see is these kinds of takedowns happening very frequently,” Daniel said.

Source: | This article originally belongs to Nbcnews.com

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Reddit’s Herman Cain Covid ‘award’ is a wildly depressing sign of our times

The increasingly popular r/HermanCainAward subreddit on Reddit.com is a distressingly predictable sign…

Biden to resend former L.A. Mayor Garcetti’s stalled ambassador nomination and others to Senate

President Joe Biden plans to renominate former Los Angeles Mayor Eric Garcetti…

Biden says the U.S. will defend Taiwan from China. Can it?

Meeting with Asian allies in Tokyo on Monday, President Joe Biden said…

Lee ‘Scratch’ Perry, reggae pioneer who was producer for Bob Marley, dies at 85

Lee “Scratch” Perry, the eccentric, revolutionary Jamaican producer, songwriter and performer whose…