Estimated reading time: 2 minutes, 44 seconds

U.S. Seizes Millions In Ransom Paid By Colonial Pipeline Featured

The Colonial Pipeline ransomware saga has taken another turn as the Department of Justice (DOJ) announced it recovered 63.7 Bitcoins paid to hacking group DarkSide. Those coins are valued at close to $2.3 million.

DOJ department 40657 640 smallAccording to the DOJ, the funds were originally sent on May 8 as a ransom payment after the critical piece of energy infrastructure was compromised by the group. The recovery of the ransom payment was made possible, in part, by the newly minted Ransomware and Digital Extortion Task Force.

“Following the money remains one of the most basic, yet powerful tools we have,” said DOJ Deputy Attorney General Lisa O. Monaco, in a statement. “Ransom payments are the fuel that propels the digital extortion engine, and [this] announcement demonstrates that the United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises.”

Law enforcement agents were able to successfully track Bitcoin transfers associated with the payment, according to the announcement. From there the FBI was able to obtain the requisite “private key” needed to access the coins. As such, U.S. Magistrate Judge for the Northern District of California Laurel Beeler authorized the seizure warrant.

“We will continue to target the entire ransomware ecosystem to disrupt and deter these attacks. [The] announcements also demonstrate the value of early notification to law enforcement; we thank Colonial Pipeline for quickly notifying the FBI when they learned that they were targeted by DarkSide,” Monaco added.

From Twitter:

The Daily Beast @thedailybeast Jun 4

"The ransomware attack that cost Colonial Pipeline roughly $5 million and sent gas prices soaring seems to have been the result of a single stolen password https://t.co/IngHcL7pjk?amp=1"

Krebs on Security, citing data from intelligence company Flashpoint, said the attack was likely intended only to solicit the ransom payment and was not primarily intended to damage U.S. energy infrastructure.

They added that DarkSide has made a habit of “big game hunting” type attacks aimed at organizations that have the means to pay the hefty ransoms they are seeking. In fact, DarkSide has even made statements to that effect, claiming they are only interested in money. “We are apolitical, we do not participate in geopolitics, do not need to tie us with a defined government and look for other our motives [sic],” reads the DarkSide Leaks blog, as noted by Krebs. “Our goal is to make money, and not creating problems for society. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.”

Regardless of DarkSide’s self-reported social consciousness, guidance for the new DOJ taskforce calls for it to be vigilant and aggressive with them and other similar operations.

“A central goal of the recently launched Ransomware and Digital Extortion Task Force is to ensure that we bring to bear the full authorities and resources of the Department in confronting the many dimensions and root causes of this threat,” it reads. “We know that ransomware attacks and digital extortion schemes are often conducted by transnational criminal actors, spread without regard to geographic borders, and thrive on the abuse of online digital and financial infrastructure. Accordingly, the Department must make sure that its efforts in combating digital extortion are focused, coordinated, and appropriately resourced.”

Read 2364 times
Rate this item
(0 votes)

Visit other PMG Sites:

PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.