The Department of Justice announced on Monday that it has recovered some $4.4 million worth of Bitcoin paid in ransom to the hackers who prompted the shutdown of the Colonial Pipeline, according to CNN, which notes that “The ransom recovery is a rare outcome for a company that has fallen victim to a debilitating cyberattack in the booming criminal business of ransomware.”
But behind the scenes, the company had taken early steps to notify the FBI and followed instructions that helped investigators track the payment to a cryptocurrency wallet used by the hackers, believed to be based in Russia. US officials have linked the Colonial attack to a criminal hacking group known as Darkside that is said to share its malware tools with other criminal hackers. -CNN
The Monday announcement is part of a new initiative by the Justice Department to crack down on all types of federal cybercrime – including botnets, money laundering and ‘bulletproof hosting,’ according to Ars Technica. The move will elevate ransomware investigations to the same level as terrorism investigations.
“To ensure we can make necessary connections across national and global cases and investigations… we must enhance and centralize our internal tracking of investigations and prosecutions of ransomware groups and the infrastructure and networks that allow the threats to persist,” said Deputy Attorney General Lisa Monaco in a Thursday memo first reported by Reuters.
According to Ars: The new directive applies not just to cases or investigations involving ransomware but to a host of related scourges, including:
- Counter anti-virus services
- Illicit online forums or marketplaces
- Cryptocurrency exchanges
- Bulletproof hosting services
- Online money laundering services
Of course, this directly contradicts Treasury Secretary Janet Yellen’s fear mongering over Bitcoin enabling ‘anonymous’ ransomware to sweep the globe, thus requiring big brother’s watchful oversight.
We expect crypto regulation to be a central focus, despite the fact that the role of digital currencies in illicit activity has basically bottomed out, while Yellen’s (et al.) narrative has been thoroughly BTFO (by a former CIA director no less).
The Biden DOJ’s push to target cybercriminals comes not only after the Colonial Pipeline hack, but also after a May attack three weeks later on meat producer JBS, along with several other hacks across various industries – including Scripps Health, which continues to recover after taking its electronic health records offline for weeks.
Meanwhile, US prosecutors charged a 55-year-old Latvian woman in a ‘Trickbot Gang’ case – the first test of the DOJ’s Ransomware and Digital Extortion Task Force according to a press release cited by cybersecurity professional Shah Sheikh.
More via Ars Technica:
By using an ad-hoc group to track cases centrally, Justice Department officials hope the move brings focus and consistency to the investigations it conducts and cases it brings.
On Thursday, at least two new ransomware infections surfaced. The first struck Cox Media Group and, according to The Record, left the media company unable to provide livestreaming for TV stations and internal networks. The second hit UF Health Central Florida, which operates two hospitals. A spokesman for UF Health said that access to email and most other system platforms had been suspended. Staff in all hospitals and physician clinics are now using pen and paper to document and order care.
We can feel the undoubtedly upcoming crypto regulations in our bones.