The Federal Bureau of Investigation (FBI) successfully seized a ransomware gang website that sought to extort 300 victims out of roughly $130 million, said officials on Thursday.
Authorities noted that the planned crime was thwarted after they secretly hacked and disrupted the prolific ransomware gang known as Hive. Several high-ranking U.S. officials, Attorney-General Merrick Garland, FBI Director Christopher Wray, and Deputy U.S. Attorney-General Lisa Monaco, announced the news during a news conference.
FBI Seizes Ransomware Group's Website
The officials said that government-backed hackers broke into the ransomware group's network and placed it under surveillance. They then secretly stole the ransomware group's digital keys to unlock victim organizations' data.
Authorities then alerted the victims in advance so they could take precautionary measures to protect their systems before the ransomware group demanded payments. Monaco said that the American government, using lawful means, was able to hack the hackers and turn the tables on Hive, as per Reuters.
The news of the government's operation was first leaked on Thursday morning when the ransomware group's website was suddenly replaced with a flashing message. It read that the FBI had successfully seized the site as part of its coordinated law enforcement action against the group.
Furthermore, the German Federal Criminal Police and the Dutch National High Tech Crime Unit were also able to seize Hive's servers. In a statement, German Police Commissioner Udo Vogel said that intensive cooperation across national borders and continents is crucial in effectively fighting against cybercrime.
The recent takedown of the ransomware group's website is unique, even among high-profile ransomware cases that the United States Justice Department announced in the past few years. The list includes a cyber attack in 2021 against the Colonial Pipeline Co.
Taking Down Hive's Ransomware Plan
The Hive ransomware group, as of November, extorted roughly $100 million from more than 1,300 companies worldwide. Many of these organizations were in health care, American officials noted, according to CNN.
Garland said that one ransomware attack was attributed to the Hive group in August 2021, when a hospital in the U.S. Midwest was forced to turn away patients as COVID-19 surged. Other victim organizations of the group include a 314-bed hospital located in Louisiana. Hospital authorities said they could prevent an attack in October but still lost personal data on roughly 270,000 patients.
In a statement, the chief security officer for the Health Information Sharing and Analysis Center, Errol Weiss, said that the ransomware group compromised the safety and health of patients in hospitals. He added that when hospitals are the target of attacks that result in medical systems going down, people could die.
While no arrests were made, officials noted that, to pursue prosecutions, they are currently building a map of the ransomware group's administrators, who manage the software, and its affiliates, who infect targets and negotiate with them. Wray noted that anyone involved with Hive should now be wary because their investigation is ongoing, said Yahoo News.