US Majority of $4.4 million cryptocurrency ransom payment in Colonial Pipeline hack recovered

23:20  07 june  2021
23:20  07 june  2021 Source:   usatoday.com

Why ransomware cyberattacks are on the rise

  Why ransomware cyberattacks are on the rise A recent spate of ransomware attacks has left the nation reeling. A recent spate of ransomware attacks has crippled critical American infrastructure, disrupted major food supply chains and revealed that no firm -- big or small -- is safe from these insidious cyberattacks.

Federal authorities dealt a blow to a criminal hacking group that forced the shutdown of the Colonial Pipeline, recovering the "majority" of the $4.4 million in cryptocurrency ransom paid to restore the energy system, Justice Department officials said Monday.

a close up of a sign: Colonial Pipeline Houston Station on May 10, 2021, in Pasadena, Texas. © Francois Picard/AFP via Getty Images Colonial Pipeline Houston Station on May 10, 2021, in Pasadena, Texas.

Deputy Attorney General Lisa Monaco said the FBI was able to "turn the tables" on the group known as the "Darkside," believed to be based in Russia.

At a Justice Department briefing, FBI Deputy Director Paul Abbate said investigators were able to trace the payment to a "virtual currency wallet," and then seized more than $2 million in cryptocurrency funds.

Ransomware: A cheat sheet for professionals

  Ransomware: A cheat sheet for professionals This guide covers various ransomware attacks, including Colonial Pipeline, WannaCry and Petya, the systems hackers target and how to avoid becoming a victim and paying cybercriminals a ransom.In the past, security threats typically involved scraping information from systems that attackers could use for other crimes such as identity theft. Now, cybercriminals have proceeded to directly demanding money from victims by holding their devices--and data--hostage. This type of malware attack in which data is encrypted (or claimed to be) and victims are prompted to pay for the key to restore access, called ransomware, has grown rapidly since 2013.

Start the day smarter. Get all the news you need in your inbox each morning.

Although it is unlikely that the hackers would ever face charges in the U.S., Monaco and Abbate said the U.S. action represented a significant strike against such groups, "depriving" them of the money they seek.

The U.S. action also comes as President Joe Biden prepares for his first meeting with Russia President Vladimir Putin, where cybersecurity and Russia's cyber aggression is expected to be a top subject of discussion.

More: JBS, Colonial Pipeline ransomware attacks are just a fraction of what US is up against, DOJ official warns CEOs

Last week, Monaco issued an extraordinary plea to the nation’s CEOs to bolster their digital systems against an expected onslaught of devastating ransomware attacks, saying the malicious hacks that shut down the Colonial Pipeline and meat supply networks were just the beginning.

DOJ recovers most of ransom Colonial Pipeline paid to DarkSide hackers

  DOJ recovers most of ransom Colonial Pipeline paid to DarkSide hackers The Justice Department has recovered most of the $4.4 million cryptocurrency ransom that Colonial Pipeline paid to the Russia-based DarkSide ransomware hacker group last month. © Provided by Washington Examiner “Ransomware and digital extortion pose a national security and an economic security threat to the United States. The Department of Justice, with our partners, is committed to using all the tools at our disposal to disrupt these networks and the abuse of the online infrastructure that allows this threat to persist,” Deputy Attorney General Lisa Monaco said Monday.

“The message needs to be to the viewers here, to the CEOs around the country, that you’ve got to be on notice of the exponential increase of these attacks,” Deputy Attorney General Lisa Monaco told CNBC.

5 Things to Know About Katie’s 'Bachelorette' Contestant Justin Glaze

  5 Things to Know About Katie’s 'Bachelorette' Contestant Justin Glaze The East coast match to Katie’s West coast roots? Justin Glaze turned heads right away when he was announced as one of 30 contestants vying for Katie Thurston’s heart during season 17 of The Bachelorette. “Grab a bottle and get ready Couple glasses of Sauv Blanc and anything can happen on @bacheloretteabc ….except maybe dancing…. I’m saving my moves for marriage ,” the 26-year-old wrote via Instagram on May 18 when his role on the show was announced. Marriage is definitely possible for Justin — or one of his 29 fellow contestants. Ahead of the show’s Monday, June 7, premiere, Katie, 30, told Us Weekly exclusively that she’s more than ready to walk down the aisle. “I just know where I’m at in life, and it really shows how serious I am about falling in love and finding my person,” she said. “And if the thought of being engaged scares you, then you’re not ready to be with me.” According to his ABC contestant bio, Justin has never been one to settle — but only because he hasn’t found The One, AKA “someone who is equally beautiful on the inside and out, trustworthy and committed to the idea of teamwork in a relationship.” The Maryland native describes his perfect match as someone who’s “passionate about fitness, but also loves to enjoy a day barbecuing and a good bottle of Sauvignon Blanc.” While Katie more often appears to toast with a glass of bubbly according to her Instagram, grape choice won’t make or break the potential couple.

Monaco stressed that the high-profile hacks of Colonial Pipeline and meat processing company JBS were only a tiny sampling of the attacks against America’s critical infrastructure every day.

“If you are not taking steps – today, right now – to understand how you can make your company more resilient, what is your plan?” Monaco said last week.

Monaco, who spent the past two months ramping up departmental cybersecurity efforts, issued guidance last week requiring all prosecutors to alert a new national ransomware task force whenever a significant case or development arises.

a close up of Lisa Monaco © Carolyn Kaster, AP Lisa Monaco

The Ransomware and Digital Extortion Task Force will be run out of "Main Justice," the department's headquarters in Washington. Officials said the new policy and the task force are part of an urgent effort to improve coordination of the many federal ransomware investigations and prosecutions by using similar protocols put in place for terrorism cases after 9/11.

Contributing: Josh Meyer

This article originally appeared on USA TODAY: Majority of $4.4 million cryptocurrency ransom payment in Colonial Pipeline hack recovered

Colonial Pipeline may use recovered ransomware attack funds to boost cybersecurity .
Colonial Pipeline may use the recovered funds paid out to cyber criminals as part of a ransomware attack last month to increase cybersecurity, company president and CEO Joseph Blount said Wednesday."We are always in the process of hardening our systems and making investments in IT and cybersecurity at Colonial, so your request today, and putting an additional $2.2 million into hardening our systems further, is not a difficult one to address and agree to," Blount testified in response to a question from House Homeland Security Committee Chairman Bennie Thompson (D-Miss.) on whether the ransom funds would be used to shore up security.

usr: 0
This is interesting!