Info@NationalCyberSecurity
Info@NationalCyberSecurity
0

Europol, FBI Announce LockBit Ransomware Crackdown | #ransomware | #cybercrime


“This data will be used to support ongoing international operational activities focused on targeting the leaders of this group, as well as developers, affiliates, infrastructure and criminal assets linked to these criminal activities.”

While the infrastructure takedown poses major hurdles for LockBit, the arrests, indictments and identifications of individuals linked the group is truly significant. Europol gave no further details on the two LockBit actors that were arrested, but the Justice Department on Tuesday indicted two Russian nationals who have both allegedly engaged in LockBit ransomware attacks: Ivan Gennadievich Kondratiev, a LockBit affiliate and leader of an affiliate sub-group called the National Hazard Society, and Artur Sungatov, a LockBit ransomware group affiliate.

“A common point of dissatisfaction for using law enforcement mechanisms to reduce this risk is that we’ll never get these guys,” said Megan Stifel, the chief strategy officer for the Institute for Security and Technology and executive director of the Ransomware Task Force. “Well, guess what? Several of them are now in custody. I think that’s indicative of where we’re seeing progress.”

The operation has also attempted to aim at the financial epicenter of LockBit, which over the years has received more than $120 million in ransom payments and has made ransom demands totaling hundreds of millions of dollars. In addition to authorities freezing the 200 cryptocurrency accounts linked to the organization, the U.S. Treasury Department on Tuesday also issued sanctions against Kondratiev and Sungatov. The sanctions ban all transactions between these individuals and people in the U.S.

The announcement also reveals two short-term wins for businesses hit by the LockBit ransomware. First, a decryption tool was developed by the FBI, UK’s National Crime Agency and Japanese police. This tool is now available on the No More Ransom portal, and LockBit victims can use it for free in order to recover their encrypted files. Second, LockBit’s data stolen from victims appears to now be in the hands of law enforcement – though there’s no guarantee that there aren’t other copies of this stolen data floating around, said Stifel. Still, “at the very least additional investigative work can help victims understand what was taken and help them to better assess their risk from further damage from the release of that data,” said Stifel.

Europol acknowledged that this “vast amount of data gathered throughout the investigation is now in the possession of law enforcement” and stressed that it could support future operations.

“This data will be used to support ongoing international operational activities focused on targeting the leaders of this group, as well as developers, affiliates, infrastructure and criminal assets linked to these criminal activities,” according to Europol.



Source link

.........................

National Cyber Security

FREE
VIEW