Posted on June 8, 2021 at 7:03 PM
Hacker using the NetWalker ransomware has been terrorizing U.S. companies with series of cyberattacks. The impacted companies were also forced to pay ransom in millions of dollars. No, it seems the U.S government is devising means to get back the funds allegedly paid to them.
The US Justice Department says it has recovered most of the multimillion-dollar ransom payments made to hackers responsible for the Colonial Pipeline attack last month.
The operation was created by the Biden administration as a specialized ransomware task force. According to U.S. officials, the task force has decided to use an aggressive approach to tackle ransomware threats in the country.
Rising levels of ransom payments
The FBI had previously detailed how it tracked crypto assets flowing from the victims that suffered hacking incidence from last year. The investigative unit also revealed certain individuals potentially linked to the criminal organization.
It revealed that the highest single ransom payment was about 303 Bitcoins, paid last year by a single organization. This was valued at about $2.8 million at the time, but it is now valued at more than $11 million.
The U.S. government is going after the criminal organizations
Lisa Monaco, deputy attorney general to the federation, stated that the administration wants to “go after the ecosystem that fuels ransomware and digital currency.” She added that the main goal is to use the necessary tools and resources to deal with the threat actors and their attacking mechanisms.
After the attack on Colonial Pipeline, which supplies close to 50% of the fuel consumed on the US east coast, the company temporarily shut down its operations on May 7.
The DarkSide hacking syndicate claimed responsibility for the attack and demanded a ransom payment if Colonial wants the stolen data back.
The company reportedly paid $4.4 million in Bitcoin (63.7 BTC at the time) in hopes of bringing its systems back online as soon as possible. However, due to the fall in Bitcoin’s price, the ransom amount is currently valued at $2.3 million.
Generally, the FBI does not encourage the payment of ransom since it could spur more hackers to enter the criminal trade and cause more havoc. White House press secretary Jen Psaki, also reiterated that stance during the daily media briefing last Friday.
On the same day, Christopher Wray, the FBI director, warned that tracking ransomware and cyberattacks on commercial entities and the US government will be a major step towards dealing with the international terrorist threat to the country.
Companies have been asked to report cases quickly
US President Joe Biden also plans to bring up the cyber attack issue with his Russian counterpart President Vladimir Putin later this month in Switzerland. Security agencies have blamed Russian hackers for the majority of ransomware attacks on US organizations. However, the Russian government has vehemently denied its involvement in any of the attacks.
But the discussions between the two nations are centered on fishing out those hackers who are based in Russia.
Monaco reiterated that companies who have been attacked should report to law enforcement immediately. According to her, a prompt report of the incident will enable them to react quickly and conduct similar seizures in the future.
Ransomware attacks generally consist of threat actors hacking into a company or an organization’s system, encrypting their data in the process. After scrambling the data, the threat actor demands ransom payment before releasing the data. In some cases, the hacker may take full control of the system, acting exactly like an administrator.
Companies should concentrate on strengthening their security
Monaco also reiterated that the fact that it’s possible to conduct seizures of ransom payment doesn’t mean companies should go-ahead to meet hackers’ demands. She stressed that payment of ransom does not, by any means, guarantee that the file or stolen data will be released by the hackers. “We cannot guarantee – and we may not be able to do this in every instance,” Monaco stated.
She said organizations should always stand against such demands and concentrate more on strengthening their security systems.