DOJ recovers $2.3 mln of Colonial Pipeline's ransom

Bitcoin BTC BTCUSD

(Center Square) -The U.S. Department of Justice has regained most of the ransom paid to hackers who caused the massive closure of its Georgia-based gas pipeline, Deputy Attorney General Lisa Monaco announced on Monday. It follows a string of cyber attacks that panicked consumers and led President Biden to warn Russian Federation that it needed to take "decisive action" against the criminal networks.

The DOJ also released a June 3 memo from Deputy Attorney General Lisa O. Monaco instructing all federal prosecutors to adhere to new guidelines that seek centralize reporting about ransomware victims. "But the old adage "follow the money" still applies", said Monaco, during Monday's press conference.

"Today, we've turned the tables on DarkSide", said Monaco, referring to a ransomware group widely believed to have been behind the crippling fuel pipeline attack.

As the ransom demands have ballooned drastically, inflating from thousands to millions of dollars, so have the attacks on high-profile victims, with companies in energy, education, healthcare, and food sectors increasingly becoming prime targets, in turn fueling a vicious cycle that enables cybercriminals to seek the largest payouts possible. Meanwhile, President Joe Biden is planning to confront Russian President Vladimir Putin on the proliferation of attacks attributed to criminal organizations based in Russia and the region. Ransom payments rose to $350 million a year ago, a 300% increase over 2019, the report said. Previous year was the costliest on record for such attacks.

Update: The Justice Dept info is trickling out and it says hackers were paid 75 bitcoin and the government was able to recover 63.7 of them. Since the ransom was paid the value of Bitcoin has fallen sharply.

The bitcoin at the time was worth $4.4 million. "I know that's a highly controversial decision", he said. The company temporarily shut down its operations on May 7 after a gang of criminal hackers called DarkSide illegally entered its computer system. The group is said to specialize in creating harmful software that can take over corporate systems, unless ransom in the form of digital currency is paid. Elliptic spotted the wallet suspected of holding Colonial's ransom payment on May 14.


FBI Deputy Director Paul Abbate said DarkSide produces ransomware that it sells to hackers who conduct cyberattacks and share a percentage of their proceeds with the malware's developers.

On May 13, DarkSide announced it was suspending its operation, that its servers had been "blocked" and funds from a payment server had been moved to "an unknown account".

With this key, which is effectively a password, agents were able to simply log in and send the digital coins to another wallet they control. The Biden administration is in the process of determining what the government's formal ransomware policy should be, a senior administration official told The Washington Post last week.

The action signals USA law enforcement's ability, in some cases at least, to track cryptocurrency, identify digital wallets and seize funds, a potentially powerful tool in combating ransomware attacks in particular.

"Together, through intelligence sharing and lessons learned, we can work to better protect our nation, its people, and our most critical assets", Blount said on Monday.

DarkSide collected $14 million in ransoms for all of 2020, according to Chainanalysis. A task force of more than 60 experts from industry, government and nonprofits issued a report in April that called ransomware "a flourishing criminal industry that not only risks the personal and financial security of individuals, but also threatens national security and human life".

Related:

Comments

Latest news

United Kingdom minister says Delta variant 40 percent more transmissible
Hancock said the 40 percent figure came from the government body of scientific advisors, SAGE. We've said that we'll give people enough time ahead of the June 21 date.

Trudeau "disappointed" Catholic Church refuses to release residential school records
Sudbury churches are planning a commemoration this afternoon to honour children who lost their lives in Canada's residential school system.

Unclassified UFO findings to reveal United States intel community can't explain aerial objects
The report studies that incident, including the video that accompanied the interaction. The provenance of the object is still unknown, the officials said.

The Real Reason Donald Trump Shut Down His Website
But according to the Post , the blog drew an unimpressive 1,500 shares or comments on Facebook and Twitter on its final day. The old link now redirects to a webpage urging people to give their contact information to a Trump campaign mailing list.

Ontario's emergency stay-at-home order officially ends; other restrictions remain
Sources say Ford will meet with his cabinet on Wednesday and it remains unlikely a decision comes before then. Students in Ontario have been doing online learning since April 19.

Other news