(Center Square) - The U.S. Department of Justice has regained most of the ransom paid to hackers who caused the massive closure of a Georgia-based gas pipeline, Deputy Attorney General Lisa Monaco announced on Monday. It follows a string of cyber attacks that panicked consumers and led President Biden to warn the Russian Federation that it needed to take "decisive action" against the criminal networks.
The DOJ also released a June 3 memo from Deputy Attorney General Lisa O. Monaco instructing all federal prosecutors to adhere to new guidelines that seek to centralize reporting about ransomware victims. "But the old adage 'follow the money' still applies", said Monaco during Monday's press conference.
"Today, we've turned the tables on DarkSide", said Monaco, referring to a ransomware group widely believed to have been behind the crippling fuel pipeline attack.
As ransom demands have ballooned drastically, inflating from thousands to millions of dollars, so have the attacks on high-profile victims, with companies in the energy, education, healthcare, and food sectors increasingly becoming prime targets, in turn fueling a vicious cycle that enables cybercriminals to seek the largest payouts possible. Meanwhile, President Joe Biden is planning to confront Russian President Vladimir Putin on the proliferation of attacks attributed to criminal organizations based in Russia and the region. Ransom payments rose to $350 million a year ago, a 300% increase over 2019, the report said. The previous year was the costliest on record for such attacks.
Update: The Justice Dept info is trickling out and it says hackers were paid 75 bitcoin and the government was able to recover 63.7 of them. Since the ransom was paid, the value of Bitcoin has fallen sharply.
The bitcoin at the time was worth $4.4 million. "I know that's a highly controversial decision", he said. The company temporarily shut down its operations on May 7 after a gang of criminal hackers called DarkSide illegally entered its computer system. The group is said to specialize in creating harmful software that can take over corporate systems unless a ransom in the form of digital currency is paid. Elliptic spotted the wallet suspected of holding Colonial's ransom payment on May 14.
FBI Deputy Director Paul Abbate said DarkSide produces ransomware that it sells to hackers who conduct cyberattacks and share a percentage of their proceeds with the malware's developers.
On May 13, DarkSide announced it was suspending its operation, that its servers had been "blocked" and funds from a payment server had been moved to "an unknown account".
With this key, which is effectively a password, agents were able to simply log in and send the digital coins to another wallet they control. The Biden administration is in the process of determining what the government's formal ransomware policy should be, a senior administration official told The Washington Post last week.
The action signals U.S. law enforcement's ability, in some cases at least, to track cryptocurrency, identify digital wallets and seize funds, a potentially powerful tool in combating ransomware attacks in particular.
"Together, through intelligence sharing and lessons learned, we can work to better protect our nation, its people, and our most critical assets", Blount said on Monday.
DarkSide collected $14 million in ransoms for all of 2020, according to Chainalysis. A task force of more than 60 experts from industry, government and nonprofits issued a report in April that called ransomware "a flourishing criminal industry that not only risks the personal and financial security of individuals, but also threatens national security and human life".