FBI has seized website used by notorious ransomware gang - CNN

This screengrab captured by CNN shows a website hosted by Hive Ransomware seized by the FBI. The website, in Russian, says, "The Federal Bureau of Investigation seized this site as part of a coordinated law enforcement action taken against Hive Ransomware."

CNN  — 

The FBI has seized the computer infrastructure used by a notorious ransomware gang which has extorted more than $100 million from hospitals, schools and other victims around the world, US officials announced Thursday.

FBI officials since July have had extraordinary access to the so-called Hive ransomware group’s computer networks, FBI Director Christopher Wray said at a news conference, allowing the bureau to pass computer “keys” to victims so that they could decrypt their systems and thwart $130 million in ransom payments.

As of November, Hive ransomware had been used to extort about $100 million from over 1,300 companies worldwide – many of them in health care, according to US officials.

The dark-web website on which Hive listed its victims displayed a message in Russian and English Thursday that it had been taken over “as part of a coordinated law enforcement action” against the group by the FBI, Secret Service and many European government agencies.

“Simply put, using lawful means, we hacked the hackers,” Deputy Attorney General Lisa Monaco told reporters.

The Hive ransomware has been particularly rampant in the health care sector. One ransomware attack using Hive malicious software, in August 2021, forced a hospital in the US Midwest to turn away patients as Covid-19 surged, Attorney General Merrick Garland said.

Other reported US victim organizations of Hive include a 314-bed hospital in Louisiana. The hospital said it thwarted a ransomware attack in October, but that the hackers still stole personal data on about 270,000 patients.

“Hive compromised the safety and health of patients in hospitals – who are among our most vulnerable population,” said Errol Weiss, chief security officer for the Health Information Sharing and Analysis Center, a cyber threat sharing group for large health care providers worldwide. “When hospitals are attacked and medical systems go down, people can die.”

Thursday’s announcement is the latest in a series of Justice Department efforts to crack down on overseas ransomware groups that lock up US companies’ computers, disrupt their operations and demand millions of dollars to unlock the systems. Justice officials have seized millions of dollars in ransomware payments and urged companies not to pay off the criminals.

The ransomware epidemic grew more urgent for US officials after Colonial Pipeline, the major pipeline operator for sending fuel to the East Coast, shut down for days in May 2021 due to a ransomware attack from a suspected Russian cybercriminal. The disruption led to long lines at gas stations in multiple states as people hoarded fuel.

While the ransomware economy remains lucrative, there are signs that the US and international law enforcement stings are making a dent in the hackers’ earnings. Ransomware revenue fell to about $457 million in 2022, down from $766 million in 2021, according to data from cryptocurrency-tracking firm Chainalysis.

Cybersecurity professionals welcomed the Hive takedown, but some worried that another group would soon fill the void left by Hive.

“The disruption of the Hive service won’t cause a serious drop in overall ransomware activity but it is a blow to a dangerous group that has endangered lives by attacking the healthcare system,” John Hultquist, a vice president at Google-owned cybersecurity firm Mandiant, told CNN.

“Unfortunately, the criminal marketplace at the heart of the ransomware problem ensures a Hive competitor will be standing by to offer a similar service in their absence, but they may think twice before allowing their ransomware to be used to target hospitals,” Hultquist said.

Wray said the FBI would continue to track the people behind Hive ransomware and try to arrest them. It was not immediately clear where those people were located. The Department of Health and Human Services has described Hive as a “possibly Russian speaking” group.

This story has been updated with additional details.
