This FBI And Department of Justice It recently disrupted the activities of a North Korean government-sponsored hacking group that targeted US hospitals. RansomwareUltimately recovering half a million dollars in ransom payments and CryptocurrencyDeputy Attorney General Lisa Monaco said Tuesday.
Monaco revealed new details of the attack during a speech in which she encouraged organizations affected by ransomware to report the crime to law enforcement, so officials can investigate and help victim companies try to recover ransom payments.
In this case, Monaco said, a Kansas hospital that paid a ransom after being attacked by ransomware last year also contacted the FBI, which traced the payments and identified China-based money launderers who funneled the illicit funds to North Korean hackers. Helped to extract.
The FBI was able to recover half a million dollars from the hospital, including full payment of the ransom.
“If you report that attack, if you report the ransom demand and payment, if you work with the FBI, we can take action,” he said at an international conference on cyber security hosted by Monaco. Fordham University.
“We can follow the money and get it back; We can help prevent the next attack, the next victim; And we can catch up Cybercriminals responsible.”
In 2021 US officials scrambled to deal with a wave of high-profile ransomware attacks – in which hackers encrypt or lock victims’ data and demand exorbitant sums of money to return it – including a critical fuel pipeline on the East Coast. is
Although the pace of such large-scale, front-page attacks appears to have slowed, smaller targets – such as hospitals – continue to be affected.
FBI Director Christopher Wray told the same conference that a particular challenge is that ransomware, once largely the province of garden-variety cybercriminals looking to extort cash, is now increasingly being deployed by hostile governments seeking to wreak havoc. Looking forward to.
“Another thing we’re seeing more and more is ransomware actors doing more than just locking down systems,” Ray said. “They’re leaking information, they’re threatening to release information that you own.”
This particular type of ransomware, known as “Mau”, specifically targets hospitals and public health organizations across the country.
Justice Department officials say the attack on the Kansas hospital, which they could not identify, occurred in May 2021 when hackers encrypted the medical center’s files and servers. The hospital paid nearly $100,000 in Bitcoin to get its data back.
The department said that in addition to recovering payments from a Kansas hospital, it also received payments back from a health care provider in Colorado that was affected by the same Maui ransomware variant.