08 June 2021 - U.S. recovers majority of ransom payment made after pipeline hack
US recovers millions in cryptocurrency paid to Colonial Pipeline ransomware hackers
Evan Perez, Zachary Cohen and Alex Marquardt (CNN, 07/06/2021)
US investigators have recovered millions in cryptocurrency they say was paid in ransom to hackers whose attack prompted the shutdown of the key East Coast pipeline last month, the Justice Department announced Monday.
The announcement confirms CNN's earlier reporting about the FBI-led operation, which was carried out with cooperation from Colonial Pipeline, the company that fell victim to the ransomware attack in question. Specifically, the Justice Department said it seized approximately $2.3 million in Bitcoins paid to individuals in a criminal hacking group known as DarkSide. The FBI said it has been investigating DarkSide, which is said to share its malware tools with other criminal hackers, for over a year.
DOJ Recovers Multimillion Dollar Ransom Payment After Pipeline Cyberattack
Eric Tucker (The Huffington Post, 07/06/2021)
The Justice Department has recovered the majority of a multimillion-dollar ransom payment to hackers after a cyberattack that caused the operator of the nation’s largest fuel pipeline to halt its operations last month, officials said Monday.
The operation to recover the cryptocurrency from the Russia-based hacker group is the first undertaken by a specialized ransomware task force created by the Biden administration Justice Department, and reflects what U.S. officials say is an increasingly aggressive approach to deal with a ransomware threat that in the last month has targeted critical industries around the world.
“By going after an entire ecosystem that fuels ransomware and digital currency, we will continue to use all of our tools and all of our resources to increase the costs and the consequences of ransomware attacks and other cyber-enabled attacks,” Deputy Attorney General Lisa Monaco said Monday at a news conference announcing the operation.
Ransomware attacks show we're getting clobbered on cybersecurity
Kevin B. Brock (The Hill, 07/06/2021)
Eastern Seaboard Americans actually sat in lines last month waiting to buy gas. For baby boomers and those older, it was a trip down memory lane to the late ’70s when gas shortages were purposefully engineered by oil-producing countries in the Middle East.
This time, the disruption in gas flow was caused by criminals armed with software, not rich men wearing keffiyehs. And now, last week, we learned that it might be tough to buy beef for a little while because crooks have extorted a major meat distributor with ransomware.
Suddenly, Americans are getting a taste of a specific threat the intelligence community and cybersecurity experts have warned about for years: cyber attacks, engineered overseas, can evolve to a point where they interfere with basic services we all depend on.
Government Collaboration Needed To Prevent Ransomware Attacks
Mary Louise Kelly (NPR, 07/06/2021)
A gas pipeline, a meatpacking company, the ferry to Nantucket - three very different businesses, three of the many, many recent targets of ransomware attacks. So many, it's getting hard to keep up. Which made us wonder if U.S. businesses are putting some kind of playbook together, sharing best practices on how to keep hackers out of their networks and how to respond if they do get hit. Well, let's bring in the perspective of the U.S. Chamber of Commerce on this. Christopher Roberti is senior vice president of cyber, intelligence and supply chain security policy at the Chamber - in other words, the point guy for cyberattacks.