What We Learn From FBI’s Recovery Of Colonial Pipeline's DarkSide Bitcoins For Ransomware Attacks

Security awareness, knowledge, and skills can remove fear and empower us in effectively dealing with this situation.

Photo by ThisIsEngineering from Pexels

The U.S Department of Justice seized $2.3 million in cryptocurrency paid to the ransomware extortionists Darkside. The Honorable Laurel Beeler, U.S. Magistrate Judge for the Northern District of California, authorized the seizure warrant.

Ransomware has become a massive problem for governments, businesses, and individuals globally. As a result, cybersecurity Costs Are On The Rise. Many business organizations struggle to deal with the complexity of cybersecurity and prohibitive costs to their budget.

Statista website highlights that according to an annual report on global cybersecurity, there were a total of 304 million ransomware attacks worldwide in 2020. This was a 62 per cent increase from a year prior and the second-highest figure since 2014, with the highest on the record being 638 million attacks in 2016.

Image from Statista

Ransomware has 30 years of history. They get more sophisticated with the advance of new technologies, tools, and collaborative efforts of hacking communities. FBI and Europol see Ransomware as significant threats in the digital world. According to Europol’s 2019 report, the Internet Organized Crime Threat Assessment (IOCTA), Ransomware remains the main threat from the cyber world.

Ransomware is a specific cybersecurity attack. These attacks use malware which is malicious software. If your device is infected with Ransomware, it will be unusable. This malicious software can encrypt files in your computer or other devices; thus, you can no longer access them. They even can lock the device at the hardware level, so you cannot even start the machine.

I posted two articles related to recent ransomware incidents in the U.S. and guided how to deal with this cybersecurity problem.

In this article title “Ransomware Cyberattacks Severely Affect Critical Resources Of The Nation Across The U.S.”, I pointed out that ransomware attacks are not just for money affecting computer systems. However, they cause physical damages, such as in hospitals and nuclear stations in various countries.

In my second article titled “Recent Cyberattack To A Major US Fuel Pipeline”, I provided practical guidance on dealing with Ransomware effectively and preventing them from occurring.

One of the key findings from these incidents is that many victims don't report ransomware attacks. They quietly pay off their attackers without notifying anyone.

However, In the 2019 Internet Crime Report, “The FBI advises not to pay the ransom to the adversary. Paying a ransom does not guarantee an organization will regain access to its data; in fact, some individuals or organizations were never provided with decryption keys after having paid a ransom. Paying a ransom emboldens the adversary to target other organizations for profit and provides a lucrative environment for other criminals.”

In this recent news, the U.S. Department of Justice provided critical information to the public. Deputy Attorney General Lisa O. Monaco for the U.S. Department of Justice points out:

“Following the money remains one of the most basic, yet powerful tools we have. Ransom payments are the fuel that propels the digital extortion engine, and today’s announcement demonstrates that the United States will use all available tools to make these attacks more costly and less profitable for criminal enterprises. We will continue to target the entire ransomware ecosystem to disrupt and deter these attacks. Today’s announcements also demonstrate the value of early notification to law enforcement; we thank Colonial Pipeline for quickly notifying the FBI when they learned that they were targeted by DarkSide.”

In the press release, Acting U.S. Attorney for the Northern District of California Stephanie Hinds informs that:

“Cybercriminals are employing ever more elaborate schemes to convert technology into tools of digital extortion. We need to continue improving the cyber resiliency of our critical infrastructure across the nation, including in the Northern District of California. We will also continue developing advanced methods to improve our ability to track and recover digital ransom payments.”

There is a common belief that cryptocurrencies are difficult to trace. Therefore, ransomware criminals use them for transactions. In reality, these transactions can be traced with the help of blockchain technology. For example, when cryptocurrency was cashed, law enforcement agencies can identify them using Blockchain ledgers and bank accounts.

As pointed out by FBI Deputy Director Paul Abbate:

“There is no place beyond the reach of the FBI to conceal illicit funds that will prevent us from imposing risk and consequences upon malicious cyber actors. We will continue to use all of our available resources and leverage our domestic and international partnerships to disrupt ransomware attacks and protect our private sector partners and the American public.”

Image from Wikipedia - public domain

The report concludes that “The Task Force prioritizes the disruption, investigation, and prosecution of Ransomware and digital extortion activity by tracking and dismantling the development and deployment of malware, identifying the cybercriminals responsible, and holding those individuals accountable for their crimes. The Task Force also strategically targets the ransomware criminal ecosystem as a whole and collaborates with domestic and foreign government agencies as well as private sector partners to combat this significant criminal threat.”

Cryptocurrencies bring new challenges to the public, business, and law enforcement. However, as we learn more about their nature and the infrastructure behind them, our digital intelligence grows substantially.

Digital intelligence is essential to deal with issues of the crypto world and critical for dealing with cybersecurity issues.

To conclude, awareness of the situation, security knowledge, and cybersecurity skills are essential for preventing ransomware attacks.

The key points are password protection, refraining from visiting insecure sites, not clicking on the suspicioius inks in emails, and enabling two-factor authentication in our devices.

As a fallback position, backing up our systems is essential in case of a potential ransomware attack.

Fear is useless. Awareness, knowledge, and skills can remove fear and empower us in effectively dealing with this situation.

Thank you for reading my perspectives.

Follow me to see more articles like this.

...

Follow

Related articles on News Break

Ransomware Cyberattacks Severely Affect Critical Resources Of The Nation Across The U.S

Recent Cyberattack To A Major US Fuel Pipeline

Dilemmas Of ICOs And The Rise Of DeFi

Leveraging Ethical Hacking for Cybersecurity Requirements of Digital Ventures