US Russian Ransomware Group Claims Credit for Cyber Attack on D.C. Metro Police
Justice Department convenes task force to tackle wave of ransomware attacks
The Justice Department this week convened a new task force to address the mounting ransomware cyberattacks on critical U.S. organizations, which have spiked during the COVID-19 pandemic. The Ransomware and Digital Extortion Task Force, first reported on Wednesday by the Wall Street Journal, will be made of officials from the agency's National Security Division, Criminal Division, Civil Division, Executive Office of U.S. Attorneys, and the FBI. It will be charged with working to ensure the Justice Department prioritizes pursuing cases involving ransomware attacks through increased training for employees, a focus on intelligence sharing across the agency, improving
Files containing personal information of some Washington Metropolitan Police Department (MPD) employees were among those compromised by a suspected ransomware attack that is believed to have struck the Washington, D.C. department.
The suspected attack was reported earlier this week as the latest in a series of high-profile cyberattacks in the U.S. It comes just weeks after U.S.Secretary Alejandro Mayorkas identified ransomware as a force posing a "national security threat" to the U.S.
Ransomware is growing at an alarming rate, warns GCHQ chief
Cyber criminal gangs are looking to 'exploit the accelerations in connectivity and poor cyber security,' warns GCHQ director Jeremy Fleming.The scale and severity of ransomware is growing at an alarming rate as cyber criminals look to exploit poor cybersecurity to maximise profit, the director of GCHQ has warned.
In a letter sent to MPD employees on Wednesday, Chief Robert Contee said the "unauthorized access incident" was under assessment by the D.C. Office of the Chief Technology Officer and federal partners.
"At this time, I can confirm that HR-related files with Personally Identifiable Information (PII) were obtained," Contee wrote in the letter, a copy of which Newsweek received from the MPD.
Babuk, a Russian language ransomware group, took responsibility for the attack and demanded ransom payments in return for keeping the information it said it accessed private, according to the Associated Press.
Ransomware explained: No silver bullet, out-of-reach crooks
BOSTON (AP) — Political hand-wringing in Washington over Russia’s hacking of federal agencies and interference in U.S. politics has mostly overshadowed a worsening digital scourge with a far broader wallop: crippling and dispiriting extortionary ransomware attacks by cybercriminal mafias that mostly operate in foreign safe havens out of the reach of Western law enforcement. Stricken in the United States alone last year were more than 100 federal, state and municipal agencies, upwards of 500 health care centers, 1,680 educational institutions and untold thousands of businesses, according to the cybersecurity firm Emsisoft.
Contee's letter said officials were working to determine which individuals' files may have been compromised. He also provided tips on how employees could protect sensitive information in anticipation of fraud or other forms of unauthorized manipulation.
The department declined to comment further on the incident.
The suspected ransomware attack at the MPD came less than three months after a cyberattack in Florida threatened the city of Oldsmar's clean water supply by targeting a water treatment plant. In late 2020, several federal agencies confirmed their departments were impacted after they learned of a cyberattack far larger in scale, which came to be known as SolarWinds.
The uptick in cyberattacks in recent years has inspired discussions in the U.S. and around the world about how to combat ransomware. On Thursday, a collective of cyber expertsunveiled a report published by the Institute for Security and Technology (IST) that detailed suggested strategies for organizations to prevent and respond to ransomware attacks.
Ransomware is now a national security risk. This group thinks it knows how to defeat it
Recommendations ranging from additional support for victims to regulating Bitcoin to prevent it being used to extort payment aim to help protect society as a whole from being plagued by ransomware attacks.Ransomware is a growing international problem and it needs global cooperation in order to prevent attacks and take the fight to the cyber criminals behind the disruptive malware campaigns.
Among those who contributed to the Ransomware Task Force's report were representatives fromWeb Services, , the U.S. Cybersecurity and Infrastructure Agency and the Federal Bureau of Investigation.
Philip Reiner, the CEO of IST, told Newsweek reports of suspected ransomware attacks like the one involving the MPD shows not only the confidence of the suspected attackers but the deeper need for a unified strategy to prevent their success.
"If this is found to be true, that ransomware actors are willing to target the Washington Metro Police Department only confirms the assertion made by the Ransomware Task Force that these criminals are increasingly brazen and feel as though they can act with impunity," Reiner told Newsweek.
"This is the perfect example of why the RTF calls for an immediate, top-down, coordinated, well-resourced operational campaign to get after these actors, their safe havens, their infrastructure, and their finances."
In addition to the handful of federal organizations that contributed to the report's creation, the Ransomware Task Force also has the support of Mayorkas, who provided introductory remarks at a virtual presentation of the report's findings on Thursday.
Ransomware: There's been a big rise in double extortion attacks as gangs try out new tricks
More and more ransomware gangs are adopting tactics around threatening to publish stolen data in an effort to force victims to pay.There's been a big rise in the number of ransomware gangs that threaten to release information stolen from the victims if they don't pay the ransom for the decryption key required to restore their network.
"Last week, the Department of Justice created its own internal ransomware task force, and the White House is developing a plan dedicated to tackling this problem," Mayorkas said.
The DHS secretary went on to describe ransomware attacks as a national security threat that "only grows."
"The task force's report provides a vision for what we can do to better address this urgent problem," he said. "DHS looks forward to working closely with the task force to turn its recommendations into action."
Colonial Pipeline aims to restore operations by end of the week after cyberattack .
Meanwhile, the hacker group DarkSide said a statement that its goal is "to make money, and not creating problems for society".Malware Ransomware virus encrypted files and show key padlock with code on binary code and gear background. Vector illustration cybercrime and cyber security concept.