Limitoo News

FBI disrupted Hive ransomware variant, Justice Dept announces

The FBI has seized the website of a prolific ransomware gang that has heavily targeted hospitals and other health care providers.
The website of the group, known as Hive, was offline Thursday. It was not immediately clear how the seizure, disclosed in a takedown notice on the gang's dark website, will affect its long-term operations. The Justice Department is holding a news conference Thursday regarding the seizure.
In a statement before the news conference, Attorney General Merrick Garland announced, "Last night, the Justice Department dismantled an international ransomware network responsible for extorting and attempting to extort hundreds of millions of dollars from victims in the United States and around the world."
A Justice Department news release said that the U.S. had worked with law enforcement officials in Germany and the Netherlands on the campaign to disrupt Hive.
The FBI had penetrated Hive's computer networks since late July, the release said, enabling investigators to capture its decryption keys and share them with victims so that they wouldn't have to pay the $130 million in ransom payments demanded by Hive hackers. The FBI has shared the keys with over 1,300 victims worldwide.  
A U.S. government advisory last year said Hive ransomware actors had victimized over 1,300 companies worldwide from June 2021 through last November, receiving approximately $100 million in ransom payments. Criminals using the ransomware targeted a wide range of businesses and critical infrastructure sectors, including government facilities, critical manufacturing and "especially" health care and public health.
The seizure is the latest effort by the Justice Department to tackle the scourge of ransomware, in which hackers lock up or encrypt victims' computer networks, steal data and demand large sums.
The threat captured the attention of the highest levels of the Biden administration two years ago after a series of high-profile attacks that threatened critical infrastructure and global industry. In May 2021, for instance, hackers targeted the nation's largest fuel pipeline, causing the operators to briefly shut it down and make a multimillion-dollar ransom payment that the U.S. government largely recovered.
Federal officials have used a variety of tools to try to combat the problem, including conventional law enforcement measures such as arrests and prosecutions. A suspected Ukrainian hacker was arrested in October 2021 after traveling to Poland and charged in connection with a string of costly ransomware attacks, including one that snarled businesses around the globe the prior Fourth of July weekend.
Robert Legare contributed to this report.