{"id":16723,"date":"2023-01-26T19:33:55","date_gmt":"2023-01-26T18:33:55","guid":{"rendered":"https:\/\/www.show.it\/us-infiltrates-big-ransomware-gang-we-hacked-the-hackers\/"},"modified":"2023-01-26T19:33:55","modified_gmt":"2023-01-26T18:33:55","slug":"us-infiltrates-big-ransomware-gang-we-hacked-the-hackers","status":"publish","type":"post","link":"https:\/\/www.show.it\/en\/us-infiltrates-big-ransomware-gang-we-hacked-the-hackers\/","title":{"rendered":"US Infiltrates Big Ransomware Gang: \u2018We Hacked the Hackers\u2019"},"content":{"rendered":"<p>The FBI has at least temporarily <a href=\"https:\/\/www.securityweek.com\/hive-ransomware-operation-apparently-shut-down-by-law-enforcement\/\">dismantled the network of a prolific ransomware gang<\/a> it infiltrated last year, saving victims including hospitals and school districts a potential $130 million in ransom payments, Attorney General Merrick Garland and other U.S. officials announced Thursday.<\/p>\n<p>\u201cSimply put, using lawful means we hacked the hackers,\u201d Deputy Attorney General Lisa Monaco said at a news conference.<\/p>\n<p>Officials said the targeted syndicate, known as <strong>Hive<\/strong>, operates one of the world\u2019s top five ransomware networks. The FBI quietly gained access to its control panel in July and was able to obtain software keys to decrypt the networks of some 1,300 victims globally, said FBI Director Christopher Wray. Officials credited German police and other international partners.<\/p>\n<p>It was not immediately clear how the takedown will affect Hive\u2019s long-term operations, however. 
Officials did not announce any arrests but said they were building a map of Hive\u2019s administrators, who manage the software, and affiliates, who infect targets and negotiate with victims, to pursue prosecutions.<br \/>\u201cI think anyone involved with Hive should be concerned because this investigation is ongoing,\u201d Wray said.<\/p>\n<p>On Wednesday night, FBI agents seized computer infrastructure in Los Angeles that was used to support the network. Hive\u2019s dark web site was also seized.<\/p>\n<p>\u201cCybercrime is a constantly evolving threat, but as I have said before, the Justice Department will spare no resource to bring to justice anyone anywhere that targets the United States with a ransomware attack,\u201d Wray said.<\/p>\n<p>Garland said that thanks to the infiltration, led by the FBI\u2019s Tampa office, agents were able in one instance to disrupt a Hive attack against a Texas school district, stopping it from making a $5 million payment.<\/p>\n<p>The operation is a big win for the Justice Department. The ransomware scourge is the world\u2019s biggest cybercrime headache with everything from Britain\u2019s postal service and Ireland\u2019s national health service to Costa Rica\u2019s government crippled by Russian-speaking syndicates that enjoy Kremlin protection. The criminals lock up, or encrypt, victims\u2019 computer networks, steal sensitive data and demand large sums.<\/p>\n<p>As an example of Hive\u2019s threat, Garland said it had prevented a hospital in the Midwest in 2021 from accepting new patients at the height of the COVID-19 epidemic.<\/p>\n<p>A U.S. government advisory last year said Hive ransomware actors victimized over 1,300 companies worldwide from June 2021 through November 2022, receiving approximately $100 million in ransom payments. 
It said criminals using Hive ransomware targeted a wide range of businesses and critical infrastructure, including government, manufacturing and especially health care and public health facilities.<\/p>\n<p>The threat captured the attention of the highest levels of the Biden administration two years ago after a series of high-profile attacks that threatened critical infrastructure and global industry. In May 2021, for instance, hackers targeted the nation\u2019s largest fuel pipeline, causing the operators to briefly shut it down and make a multimillion-dollar ransom payment that the U.S. government largely recovered.<\/p>\n<p>Federal officials have used a variety of tools to try to combat the problem, but conventional law enforcement measures such as arrests and prosecutions have done little to frustrate the criminals.<\/p>\n<p>The FBI has <a href=\"https:\/\/www.securityweek.com\/decryption-key-ransomware-delivered-kaseya-attack-made-public\/\">obtained access to decryption keys before<\/a>. It did so in the case of a major 2021 ransomware attack on Kaseya, a company whose software runs hundreds of websites. It took some heat, however, for waiting several weeks to help victims unlock afflicted networks.<\/p>\n<p>The post <a rel=\"nofollow\" href=\"https:\/\/www.securityweek.com\/us-infiltrates-big-ransomware-gang-we-hacked-the-hackers\/\">US Infiltrates Big Ransomware Gang: \u2018We Hacked the Hackers\u2019<\/a> appeared first on <a rel=\"nofollow\" href=\"https:\/\/www.securityweek.com\/\">SecurityWeek<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The FBI has at least temporarily dismantled the network of a prolific ransomware gang it infiltrated last year, saving victims including hospitals and school districts a potential $130 million in ransom payments, Attorney General Merrick Garland and other U.S. officials announced Thursday. 
\u201cSimply put, using lawful means we hacked the hackers,\u201d Deputy Attorney General Lisa [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":16724,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[27,96,33],"tags":[],"class_list":["post-16723","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybercrime","category-ransomware","category-tracking-law-enforcement"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/posts\/16723","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/comments?post=16723"}],"version-history":[{"count":0,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/posts\/16723\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/media\/16724"}],"wp:attachment":[{"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/media?parent=16723"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/categories?post=16723"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.show.it\/en\/wp-json\/wp\/v2\/tags?post=16723"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}