Denver, Colorado 2021-06-08 15:03:51 –
Washington — The CEO of a large fuel pipeline hit by ransomware last month told senators on Tuesday that approving a payment of millions of dollars to hackers was the right thing to do to put an end to the fuel shortages affecting much of the eastern United States, even as the authorities have blocked such payments.
When asked how terrible it would have been if the Colonial Pipeline hadn’t paid to get the data back, CEO Joseph Blount said: “And that’s probably an unknown you don’t want to play in public forums.”
He said he decided to pay the hacker a ransom because of the company’s important role in fuel transportation and the potential for “pandemonium” resulting from a long-term closure of the pipeline. The decryption tools the hacker provided to the company helped “to some extent”, but they weren’t perfect, and Colonial was still in the process of completely restoring the system, Blount said.
Blount appeared before the Senate Homeland Security Committee the day after the Justice Department revealed that it had recovered most of the $4.4 million ransom that the company had paid to bring the system back online.
Blount’s testimony was his first appearance before Congress since the May 7 ransomware attack, which led the Georgia-based Colonial Pipeline, which supplies about half of the fuel consumed on the East Coast, to temporarily shut down. The attack is attributed to a gang of Russia-based cybercriminals using a variant of the DarkSide ransomware, one of the more than 100 variants currently being investigated by the FBI.
The company began negotiations with the hackers on the evening of the day of the attack and paid a ransom of 75 Bitcoins the next day. That’s about $4.4 million. The FBI has traditionally blocked ransomware payments for fear of fostering cyberattacks, but Colonial officials say they believed the deal was needed to resume critical fuel transport operations as quickly as possible.
“This was one of the most difficult decisions I had to make in my life,” Blount said in prepared remarks. “At the time, I kept this information secret because I was concerned about operational security and minimizing the promotion of threat actors. But in this situation, the critical infrastructure should be kept as soon as possible. I believe that restoration is the right thing for this country.”
According to Blount, the attack began after a hacker abused a virtual private network that was not intended to be in use and was subsequently shut down.
The operation to seize cryptocurrency paid to the Russia-based hacker group is the first carried out by a ransomware-specific task force created by the Biden administration’s Justice Department. It reflects a rare victory in the fight against ransomware as US authorities confront a rapidly accelerating threat targeting key industries around the world.
“To increase the cost and consequences of ransomware and other cyber-based attacks by pursuing the entire ecosystem (including criminal proceeds in the form of digital currencies) that facilitates ransomware and digital extortion attacks, we will continue to use all our resources,” said Deputy Attorney General Lisa Monaco at a press conference announcing the operation.
In a statement on Monday, Blount thanked the FBI for its efforts, saying that making hackers accountable and disrupting their activities is “the best way to thwart and defend against future attacks of this kind.”
“The private sector has an equally important role to play, and we need to take cyber threats seriously and invest to strengthen our defenses accordingly,” he added.
Cryptocurrencies are preferred by cybercriminals because they allow direct online payment regardless of geographic location, but in this case the FBI was able to identify the cryptocurrency wallet used by the hackers and recover the proceeds from it, Abbate said. The Justice Department did not provide details on how the FBI obtained the “key” for a particular Bitcoin address, but said law enforcement could track multiple transfers of cryptocurrencies.
“For monetary cybercriminals, especially those who appear to be abroad, blocking access to revenue is one of the most influential consequences we can impose.”
The amount of Bitcoin confiscated (63.7, with a present value of $2.3 million after the Bitcoin price fell) was equivalent to 85% of the total ransom paid, the share of the person who carried out the attack. The ransomware software provider DarkSide would have received the remaining 15%.
“The blackmailer will never see this money,” said Stephanie Hinds, deputy federal prosecutor for the Northern District of California.
Ransomware attacks, where hackers encrypt data in victims’ organizations and demand large amounts of money to return the information, are widespread around the world. Last year was the most damaging year on record for such attacks. Hackers are targeting important industries as well as hospitals and police.
A few weeks after the Colonial Pipeline attack, a ransomware attack by the Russian-speaking gang REvil disrupted production at Brazil’s JBS SA, the world’s largest meat processing company.
The ransomware business has evolved into a highly fragmented racket, with the work divided among data-locking software providers, ransom negotiators, hackers who break into targeted networks, and hackers who are good at moving undetected through those systems and stealing sensitive data. A center in India was hired to threaten people whose data was stolen and pressure them into paying.
Associated Press writer Frank Bajak in Boston contributed to this report.