

And the president has signed an executive order to beef up America's cyberdefenses. The Department of Homeland Security has mandated that pipeline operators report any cyberattacks on their systems to the federal government within 12 hours. The department, for its part, has set up a ransomware and digital extortion task force to focus on this problem.

This is something that the Justice Department and the Biden administration, more broadly, is taking very seriously. LUCAS: We have seen a lot of these sorts of ransomware attacks on businesses, yes, but also in cities, even police departments. Does this seizure of funds signal, in your mind, Ryan, that the government's actually getting a grip on this problem? But I think if you listen closely to what Abbate said there about cutting off revenue being one of the biggest consequences that the feds can impose on overseas hackers, I think that says a lot about where this stands. CHANG: Well, we have been talking a lot lately about ransomware attacks. But look FBI and Justice Department officials like to say that they have a long memory, that American law enforcement has a long reach. This was purely about the recovery of some of the ransom money that Colonial Pipeline paid. There weren't any indictments of individuals today. Remember DarkSide is said to operate out of Russia, which would make it unlikely that the individuals behind the cyberattack would ever see the inside of U.S. LUCAS: Well, officials didn't get into that today. So the feds were able to get the money, but can we expect that they will also be hunting down the individual hackers and hold them accountable? PAUL ABBATE: For financially motivated cybercriminals, especially those presumably located overseas, cutting off access to revenue is one of the most impactful consequences we can impose. CHANG: I mean, yeah, absolutely right. Abbate said that doing this, essentially depriving hackers of the proceeds from their attacks, is a big deal. The FBI then got a court-authorized warrant to seize those funds. The FBI's ongoing investigation into DarkSide allowed agents to identify a virtual currency wallet that Abbate said the group had used to collect this ransom payment.
And he says DarkSide is based in Russia, and the group develops and markets ransomware to criminal affiliates who then carry out cyberattacks and then share the proceeds of those attacks with the developers. LUCAS: Well, the deputy director of the FBI, Paul Abbate, said that the bureau has been investigating DarkSide for the better part of a year. LUCAS: And in this instance, Monaco says the department was able to actually turn the tables on the hacking group behind this. CHANG: Well, did Monaco or other department officials explain how they were able to track this money down? But when they target critical infrastructure, we will spare no effort in our response. LISA MONACO: Ransomware attacks are always unacceptable. Here is Deputy Attorney General Lisa Monaco today.

officials say was behind the cyberattack. LUCAS: That translates to about $2.3 million, so that is a little more than half of the ransom that Colonial paid to a hacker group known as DarkSide that U.S. If you're not tracking the daily value of cryptocurrency. LUCAS: Well, the department says it has recovered 63.7 bitcoins. How much of that money did the Justice Department actually get back? So Colonial paid more than - what? - $4 million in ransom to these hackers behind the cyberattack. NPR justice correspondent Ryan Lucas has been following this and joins us now with more. CHANG: Hey. The cyberattack against Colonial forced the company to shut down its operations, which caused disruptions in the fuel supply across large parts of the East Coast. The Justice Department says it has recovered more than half of the ransom that Colonial Pipeline paid to hackers last month.
