Homeland Security Network Blog

The information source for first responders.

Posted in Terrorism

U.S. Seizes Share Of Ransom From Hackers In Colonial Pipeline Attack


The New York Times

The cyberattack on Colonial Pipeline last month shut down its computer systems, leading to soaring gas prices and panic buying.

By Katie Benner and Nicole Perlroth

WASHINGTON — The Justice Department said on Monday that it had seized much of the ransom that a major U.S. pipeline operator had paid last month to a Russian hacking collective, turning the tables on the hackers by reaching into a digital wallet to snatch back millions of dollars in cryptocurrency.

Investigators in recent weeks traced 75 Bitcoins worth more than $4 million that Colonial Pipeline had paid to the hackers as the attack shut down its computer systems, prompting fuel shortages, a spike in gasoline prices and chaos at airlines.

Federal investigators tracked the ransom as it moved through a maze of at least 23 different electronic accounts belonging to DarkSide, the hacking group, before landing in one that a federal judge allowed them to break into, according to law enforcement officials and court documents.

The Justice Department said it seized 63.7 Bitcoins, valued at about $2.3 million. (The value of a Bitcoin has dropped over the past month.)

“The sophisticated use of technology to hold businesses and even whole cities hostage for profit is decidedly a 21st-century challenge, but the old adage ‘follow the money’ still applies,” Lisa O. Monaco, the deputy attorney general, said at the news conference at the Justice Department.

Law enforcement officials highlighted the seizure in an effort to warn cybercriminals that the United States planned to take aim at their profits, which are often gained through cryptocurrencies like Bitcoin. It was also intended to encourage victims of ransomware attacks — which occur every eight minutes, on average — to notify the authorities to help recover ransoms.

Full story https://www.nytimes.com/2021/06/07/us/politics/pipeline-attack.html