United States officials recover $2.3M in crypto from Colonial Pipeline ransom

Foreign keyboard criminals with scant fear of repercussions have paralyzed US schools and hospitals, leaked highly sensitive police files, triggered fuel shortages and, most recently, threatened global food supply chains.

The hackers demanded and were paid a ransom of 75 bitcoin on May 8, according to the affidavit.

The escalating havoc caused by ransomware gangs raises an obvious question: Why has the United States, believed to have the world's greatest cyber capabilities, looked so powerless to protect its citizens from these kinds of criminals operating with near impunity out of the Russian Federation and allied countries?

The growing problems caused by these gangs raise a clear question: Why has the United States looked so powerless to protect its citizens from these kinds of criminals? It is not, however, the first time the government has been able to recover digital currencies paid as ransom to cybercriminals.

In a Monday press conference, Deputy Attorney General Lisa Monaco said that the task force "found and recaptured" millions of dollars worth of Bitcoin (BTC) connected to Russia-based DarkSide hackers - the majority of the $4.4 million funds originally paid. The company says it provides roughly half of fuel supplies for the East Coast.

Colonial officials said they closed their pipeline system and made a decision to pay a ransom of about $4.4 million so they could restart as soon as possible.

Fighting ransomware requires the nonlethal equivalent of the "global war on terrorism" launched after the September 11 attacks, said John Riggi, a former Federal Bureau of Investigation agent and senior adviser for cybersecurity and risk for the American Hospital Association.

"The message we are sending today is that if you come forward and work with law enforcement, we may be able to take that type of action that we took today to deprive the criminal actors of what they're going after here, which is the proceeds of their criminal scheme", Monaco said.

President Joe Biden plans to meet Russia's leader, Vladimir Putin, later this month. The Biden administration has also promised to take action to defend against further attacks.

But the difficulties of stopping ransomware gangs and other cybercriminals have always been clear. The FBI's list of most-wanted cyber fugitives has grown at a rapid clip and now has more than 100 entries, many of whom are not exactly hiding. One is Evgeniy Bogachev, who was charged 10 years ago with a series of cyber bank thefts.

This poster provided by the U.S. Department of Justice shows Maxsim Yukabets.

Security firms have suspected for months that the DarkSide gang shares some leadership with that of REvil, a.k.a. Sodinokibi, another ransomware-as-a-service platform that closed up shop in 2019 after bragging that it had extorted more than $2 billion from victims. They also operate in a decentralized network.

"Today we turned the tables on DarkSide", Monaco said, calling such ransomware attacks an "epidemic" that poses a "national security and economic threat" to the U.S.

The profitable business model of double extortion - i.e., combining data exfiltration and ransomware threats - has also resulted in attackers expanding the technique into what is called triple extortion, wherein payments are also demanded from customers, partners, and other third parties related to the initial breach. Also with us are assistant attorney general for national security, John Demers, and acting assistant attorney general for the criminal division, Nick McQuaid.

US policy already permits government specialists to fight against criminals in cyberspace and break up their operations using computer programs. Cybercriminals have also increasingly begun to operate within the borders of U.S. adversaries, particularly the Russian Federation. Yet even as he was speaking from the White House in May, a different Russian-linked ransomware group was publishing thousands of secret documents belonging to the Washington D.C. police department. Experts believe it is the worst ransomware attack against a U.S.-based law enforcement agency.

"We are not afraid of anyone", the hackers wrote in a follow-up post. Mario Ritter, Jr. was the editor.

Jill Robbins adapted stories written by Alan Suderman and Eric Tucker for the Associated Press for this Learning English story.