The amazing story of the FBI hacking into a ransomware gang and undermining them for six months illustrates the seriousness and sophistication of the fight against cybercrime – but also reveals just how resilient organised gangs and the developers they employ have become.
► Around $130 million of ransomware payments prevented
► Servers seized but the perpetrators may still be at large
► Partners must stay right up to date with developments
A report published on www.bleepingcomputer.com told the story of how the FBI infiltrated the Hive ransomware group in July last year and for the next six months, handed de-encryption keys to anyone targeted by the group. This stopped around approximately $130 million of ransom payments being made.
The FBI, and other police forces who worked with them around the world, gained access to both dedicated and virtual servers that were used by the Hive group – which has been run as a RaaS (Ransomware as a Service) operation. But while they were able to shut down these servers, it’s unclear whether or not they have made any arrests as a result of their actions.
Sam Darling, cybersecurity business development manager at TD SYNNEX, said that tracking down the perpetrators is likely to be a challenge. ‘This is a great example of how you can fight fire with fire but getting hold of the original arsonists might not be easy. While the seized servers contained information on 250 of Hive’s “affiliates”, we don’t know how many they have actually traced. The chances are, not many or even any and those people will, very probably, simply replicate what they did with Hive elsewhere.
‘This shows us just how much effort it takes and how difficult it is to shut down ransomware operations completely. With ransomware firms offering programmers as much as $20,000 a week on the dark web, it’s easy to see why individuals might be attracted to a life of cybercrime. These people are smart and highly skilled. They know how to cover their digital tracks and with the returns they are getting, ransomware will continue to be a big problem.’
It’s yet another example of why cybersecurity is such a burning issue for all organisations today and why partners need to stay right up to pace with developments. Sam Darling is hosting a series of ‘Cyber Sam’ discussions on current security topics that partners should be aware of – and the TD SYNNEX security practice can help you with every aspect of cybersecurity and data protection. If you’d like to know more, please click below to send an email.
Read more of our latest Security news stories
