FBI Infiltrates, Shuts Down 'Hive' Ransomware Gang Responsible For Thousands Of Attacks
The FBI has seized a website from a notorious ransomware gang that extorted millions of dollars from more than 1,500 victim organizations worldwide, officials announced Thursday.
The dark-web website of the so-called "Hive" ransomware group displayed a message Thursday that it had been taken over "as part of a coordinated law enforcement action" against the group by the FBI, Secret Service, and numerous European government agencies.
Ransomware attacks have surged in recent years, holding the data of critical organizations like hospitals, governments, and schools hostage. This increase has prompted the Biden administration to strap down on groups such as Hive.
At a news conference, U.S. Attorney General Merrick Garland, FBI Director Christopher Wray, and Deputy U.S. Attorney General Lisa Monaco said government hackers broke into Hive's network and put the gang under surveillance, covertly stealing the digital keys the group used to unlock victim organizations' data.
"Simply put, using lawful means, we hacked the hackers," Monaco told reporters.
Garland said Hive was behind attacks in the past two years on a Midwest hospital, which was forced to stop accepting new patients and to pay a ransom to decrypt health data.
While Garland did not name the hospital, the Memorial Health System in West Virginia and Ohio was attacked by Hive affiliates at the same time. Hive was also linked to an attack last year on Costa Rica's public health service.
The ransomware epidemic grew more urgent for U.S. officials after Colonial Pipeline, the major pipeline operator for sending fuel to the East Coast, shut down for days in May 2021 due to a ransomware attack from a suspected Russian cybercriminal. The disruption led to long lines at gas stations in multiple states as people hoarded fuel.
In that case, the Justice Department seized some $2.3 million in cryptocurrency ransom after the fuel company had already paid the hackers.
While the ransomware economy remains lucrative, there are signs that the U.S. and international law enforcement stings are making a dent in the hackers' earnings. Ransomware revenue fell to about $457 million in 2022, down from $766 million in 2021, according to data from cryptocurrency-tracking firm Chainalysis.
"Cybercrime is a constantly evolving threat, but as I have said before, the Justice Department will spare no resources to identify and bring to justice anyone, anywhere who targets the United States with a ransomware attack," Garland said.
No arrests have been announced as of Thursday, but FBI Director Chris Wray made it clear to reporters that the agency continues to track the people behind Hive, and will have no mercy in its pursuit.
"A reminder to cybercriminals: No matter where you are, and no matter how much you try to twist and turn to cover your tracks — your infrastructure, your criminal associates, your money and your liberty are all at risk, and there will be consequences," Wray said.
© Copyright IBTimes 2024. All rights reserved.