US Luxury cars and $100 bills: Police bust ransomware gang in Ukraine
Opinion: Ransomware is a national security risk. It's time to treat it like one
Recent critical infrastructure disruptions bring into clear focus that ransomware poses a significant risk to national security, and it's time to begin treating it as we would any other serious threat. © Shutterstock Ransomware builds upon the computer viruses and worms of years' past and adds a terrifying twist. Once ransomware infects a system, it encrypts all of the data on that system, rendering it inaccessible to legitimate users. The ransomware author then demands the payment of a ransom in exchange for providing the decryption key required to restore access.
Police in Ukrainemembers of a major ransomware gang.
The arrests mark the first time a law enforcement agency has announced a mass arrest of a prolific hacker group that had extorted Americans by either encrypting an organization's files or threatening to leak them to the public.
The gang, known as Cl0p, has hacked a number of American targets, including the University of Miami, Florida, Stanford University, University of Maryland, and University of Colorado, demanding a payment to either keep their systems functional or to not publish material they were able to steal.
The bust comes as ransomware has gone from a quietly pervasive cybersecurity problem to a broadly discussed national security issue, thanks to a series of high-profile attacks that have threatened to cripple some U.S. supply chains.
Crypto and ransomware are top of mind for Joe Biden as he meets with G-7 leaders
With two major ransomware attacks in the last month, the White House is keen to fight the global threat to economies.In recent weeks, high-profile ransomware attacks on vital U.S. infrastructure brought greater public awareness to both these types of hacks and the vulnerability of large parts of the nation's economy.
Ukraine's announcement coincided with President Joe Biden's meeting with Russian President Vladimir Putin in Geneva. Bidento press Putin to take action against ransomware hackers who operate with impunity within Russia's borders.
Ransomware has become a significant problem in the United States. Recent ransomware attacks briefly hobbled the Colonial Pipeline, shutting down the country's largest fuel pipeline for five days, and JBS, one of the country's largest meat suppliers.
The majority of the most prolific ransomware gangs are believed to operate in Eastern Europe, and Russia in particular.
Some US allies near Russia are wary of Biden-Putin summit
KYIV, Ukraine (AP) — Central and Eastern European nations are anxious about the coming summit meeting between U.S. President Joe Biden and Russian President Vladimir Putin, wary of what they see as hostile intentions from the Kremlin. Some in the countries that once were part of the Soviet Union or the Moscow-led Warsaw Pact during the Cold War worry that Washington could scale down support for its allies in the region in a bid to secure a more stable and predictable relationship with Russia.
Ukraine's cyber police announced they had arrested six people involved with Cl0p, and seized a number of computers, cars and about 5 million Ukrainian hryvnia ($185,000) in cash.
A video released by Ukrainian authorities showed heavily armed officers descending on what appeared to be residences and seizing everything from stacks of cash and computers to luxury cars.
Though Cl0p wasn't the most prolific ransomware gang, it still hacked dozens of targets, mostly in the U.S. and South Korea, since becoming operational in the summer of 2020, said Allan Liska, a ransomware analyst at the cybersecurity company Recorded Future.
"While they weren’t considered a top-tier ransomware actor, their methods were fairly sophisticated," he said.
Interpol, the international police organization, which often helps with cybercrime investigations, said it assisted with the case, a spokesperson said in an email.
Cyberattack Ransoms Could Skyrocket Soon, Financing Tools for Criminal Intelligence .
"It is the position of the U.S. government that we strongly discourage the payment of ransoms," said Eric Goldstein, a top cybersecurity official in the Department of Homeland Security.Eric Goldstein, a top cybersecurity official in the Department of Homeland Security, told lawmakers during a congressional hearing last week that paying the ransom doesn't guarantee data will be returned or sensitive files won't be sold on the dark web. He added that paying ransomware criminals will finance newer, more advanced tools for criminal intelligence.