The Justice Department recovered $2.3 million in cryptocurrency ransom that Colonial Pipeline paid to hackers whose cyberattack last month shut down its major East Coast pipeline, leading to gas shortages up and down the East Coast, authorities said.
The United States has reportedly recovered millions in cryptocurrency paid to hackers behind the Colonial Pipeline ransomware attack.
The DOJ also released a June 3 memo from Deputy Attorney General Lisa O. Monaco instructing all federal prosecutors to adhere to new guidelines that seek centralize reporting about ransomware victims.
Monaco gave no details on how the money was recovered from Darkside, but analysts believe it could have involved both FBI investigators and possibly the U.S. military's offensive cyber warfare operations.
Deputy Attorney General Lisa Monaco said at a news conference that the Justice Department has recovered most of a multimillion-dollar ransom payment to hackers by the operator of the nation's largest fuel pipeline.
ABBATE: "We identified a virtual currency wallet that the DarkSide actors use to collect a payment from a victim".
Commerce Secretary Gina Raimondo said on Sunday the Biden administration was looking at all options to defend against ransomware attacks and that the topic would be on the agenda when Biden meets Russian President Vladimir Putin this month. The company was up and running within days, but the slowdown meant delays still remained in the aftermath of the attack. Since the ransom was paid the value of Bitcoin has fallen sharply.
"We needed to do everything in our power to restart the system quickly and safely".
Kamala Harris' plane forced to return to U.S. soil following technical issue
When the plane returned, Harris exited and flashed a double thumbs up to the press, and said, "I'm good". Harris' global trip comes amid the United States border crisis, alongside Mexico and Guatemala.
Reiner said those limits do not mean the United States can not still make progress against defeating ransomware, comparing it with America's ability to degrade the terrorist group al-Qaida while not capturing its leader, Ayman al-Zawahiri, who took over after USA troops killed Osama bin Laden. "I didn't make it lightly". The company's CEO Joseph Blount eventually said Colonial paid the $4.3 million ransom in an interview with the Wall Street Journal.
Alpharetta-based Colonial Pipeline reported a ransomware attack on May 7, and paid ransomware network DarkSide Network as a service, now worth $ 2.5 million worth of 75 Bitcoins. Nicholas Weaver, a lecturer at the computer science department at University of California, Berkeley, said the most likely explanation is that law enforcements agent seized money from a specific DarkSide affiliate responsible for bringing the crime gang the initial access to Colonial's systems.
The US government has recommended in the past that companies do not pay criminals over ransomware attacks, in case they invite further hacks in the future.
Monaco also used Monday's announcement to urge companies to take preemptive action.
"In this heightened threat situation, we all have a role to play in keeping our country safe". No organization is immune. The task force was created as part of the government's response to an "epidemic" of ransomware attacks, which Monaco said have "increased in both scope and sophistication in the a year ago".
"We did a pretty exhaustive search of the environment to try and determine how they actually got those credentials", Carmakal said.
USA intelligence and law enforcement officials say stopping hacking attacks has become a national security priority, and the issue has raised tensions between the US and Russian Federation. They must all report all incidents, including any potential issues, to the Cybersecurity and Infrastructure Security Agency (CISA).