On Monday, the Justice Department announced that United States investigators had recovered millions in cryptocurrency paid in ransom to hackers whose attack prompted the shutdown of a key East Coast pipeline last month. CNN's reporting on the FBI-led operation also confirms the announcement. The operation was carried out in collaboration with Colonial Pipeline – the company that was hit by the ransomware attack in question.
BREAKING: Justice Department announces it has recovered a majority of ransom paid to DarkSide hacker group in Colonial Pipeline hack.
“Ransomware attacks are always unacceptable, but when they target critical infrastructure, we will spare no effort in our response.” pic.twitter.com/PYopINvk3J
— MSNBC (@MSNBC) June 7, 2021
DOJ Seized Approximately $2.3m in Bitcoins paid to DarkSide
The Justice Department stated that it seized almost $2.3 million in Bitcoin paid to individuals in DarkSide – a criminal hacking group. The Federal Bureau of Investigation announced that it has been investigating the group, which is said to share its malware tools with other criminal hacking groups, for more than one year. The ransom recovery, which is the first seizure by the recently established Department of Justice digital extortion task force, is a rare outcome for a firm that fell victim to a devastating cyberattack in the successful criminal business of ransomware.
Joseph Blount, the CEO of Colonial Pipeline Co., told the Wall Street Journal in an interview last month that the company complied with a ransom demand of around $4.4m because administrators did not know the extent of the disruption caused by the hackers or how long it would take to restore normal operations. On the other hand, Colonial Pipeline took early steps to inform the FBI and followed the instructions it was given, which helped investigators track the transaction to a cryptocurrency wallet used by the hackers. The investigators also believed that the wallet was based in Russia.
America to Use all Available Tools against the Attacks
Lisa Monaco, the Deputy Attorney General, stated on Monday during the Justice Department announcement that following the money and transactions is still one of the most basic and powerful tools they have. Ransom payments are the fuel that drives the digital extortion engine, and the recent announcement proves that the U.S. will use all available tools to make hacking attacks less profitable and more costly for criminal enterprises.
The United States Attorney's Office for the Northern District of California authorized the seizure warrant for the recovered millions in cryptocurrency. New financial technologies that attempt to anonymize payments will not provide a curtain from behind which hackers are allowed to pick the pockets of hardworking Americans.
Blount also issued a statement following the Justice Department's announcement. He said that when hackers attacked Colonial on 7th May, the company quietly and immediately contacted the local FBI field offices in San Francisco and Atlanta, and prosecutors in Washington D.C. and Northern California, to share what it knew at that time.
He added that the FBI and DOJ were active in helping the company understand the criminals behind the threat and their strategies. Their efforts to hold these hackers accountable and bring them to justice are commendable. Previously, CNN reported that American officials were looking for any possible weakness in the hackers' personal or operational security in an effort to identify the actors responsible – specifically watching for any leads that might emerge from the way they move their money.
Christopher Wray, the FBI Director, said during an interview with the Wall Street Journal that in some cases, coordination between law enforcement and ransomware victims could yield encouraging results for both sides.
Misuse of Cryptocurrency is a Huge Enabler
The Biden administration has focused on the less regulated architecture of digital currency payments, which allows for greater secrecy, as it bolsters its efforts to disrupt the growing and increasingly destructive ransomware attacks, following two significant incidents affecting critical infrastructure. Anne Neuberger, the Deputy National Security Advisor, told CNN that the misuse of cryptocurrency is a huge enabler here.
That is how people get the money out of it, amid the rise of anonymity-enhancing cryptocurrencies and the growth of mixer services that basically launder funds. Neuberger added that individual firms experience pressure – particularly if they cannot do the cybersecurity work – to pay the ransom and move on.
However, the Biden administration made clear that it needs cooperation from local private companies to combat the recent wave of ransomware attacks. Federal agencies maintain some capabilities that surpass what industry partners can do themselves and are proficient at tracing currency used to pay ransomware groups.