Welcome to DU! The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards. Join the community: Create a free account Support DU (and get rid of ads!): Become a Star Member All Forums Issue Forums Culture Forums Alliance Forums Region Forums Support Forums Help & Search

Sgent

(5,857 posts)
Fri Oct 22, 2021, 04:45 PM Oct 2021

FBI, others crush REvil using ransomware gang's favorite tactic against it

Source: Ars Technica



Well, apparently, whoever relaunched REvil wasn’t the brightest bulb. Last night, Reuters reported that several countries working together took down the ransomware gang using one of the criminal organization’s favorite tactics—compromised backups.

Though the FBI isn’t commenting on the matter, private-sector cybersecurity experts and a former US official confirmed the operation, Reuters reports. “The FBI, in conjunction with Cyber Command, the Secret Service, and like-minded countries, have truly engaged in significant disruptive actions against these groups,” Tom Kellermann, VMware’s head of cybersecurity strategy and an adviser to the US Secret Service on cybercrime investigations, told Reuters. “REvil was top of the list.”



The newfound success against the slippery gang stems in part from the new legal freedom to pursue such criminal operations. US Deputy Attorney General Lisa Monaco recently determined that ransomware attacks on critical infrastructure are a national security threat on par with terrorism. That allowed the Justice Department to bring in assistance from the Pentagon and US intelligence agencies.

“Before, you couldn’t hack into these forums, and the military didn’t want to have anything to do with it,” Kellermann said. “Since then, the gloves have come off.”



Read more: https://arstechnica.com/tech-policy/2021/10/fbi-others-crush-revil-using-ransomware-gangs-favorite-tactic-against-it/?comments=1&start=40



So Biden has unleashed the hounds as it were. I'm not sure how I feel about offensive cyberoperations being carried out by the military / NSA against Russian civilians, but maybe this will have an effect.
17 replies = new reply since forum marked as read
Highlight: NoneDon't highlight anything 5 newestHighlight 5 most recent replies
FBI, others crush REvil using ransomware gang's favorite tactic against it (Original Post) Sgent Oct 2021 OP
Yeah, Biden released the hounds. But 3Hotdogs Oct 2021 #1
Or release The Biden :) Marthe48 Oct 2021 #4
Well BumRushDaShow Oct 2021 #8
I trust US Deputy AG Monaco's judgment that these are on par with terrorist attacks. ancianita Oct 2021 #2
isn't this the group that hacked Sinclair? RussBLib Oct 2021 #3
No idea Sgent Oct 2021 #5
Our local hospital was hacked in August Marthe48 Oct 2021 #6
+1,000! SheltieLover Oct 2021 #12
He told Putin he was going to stop the cyber attacks one way or another Historic NY Oct 2021 #7
You assume civilians. NoNobigwick Oct 2021 #9
Putin's not directly involved, though. ShazzieB Oct 2021 #11
This!👆 SheltieLover Oct 2021 #13
But when Russia asks them to do a favor, they will grant it. Eugene Oct 2021 #14
Before 2022 or 2024 election I fear a foreign cyber attack that seriously disrupts our country Pepsidog Oct 2021 #10
The fire needs.. denbot Oct 2021 #15
This would not have happened if TFG got a second term. Roisin Ni Fiachra Oct 2021 #16
A few thoughts of mine... BadGimp Oct 2021 #17

3Hotdogs

(12,204 posts)
1. Yeah, Biden released the hounds. But
Fri Oct 22, 2021, 05:06 PM
Oct 2021

until he releases the Kraken, we know he ain't serious about the problem.

BumRushDaShow

(127,270 posts)
8. Well
Fri Oct 22, 2021, 06:06 PM
Oct 2021

the Flyers beat them 6-1 this past Monday so they might not be that big of a thing...



They were no match for Gritty!





(and the Prez would agree )

ancianita

(35,812 posts)
2. I trust US Deputy AG Monaco's judgment that these are on par with terrorist attacks.
Fri Oct 22, 2021, 05:07 PM
Oct 2021

These operations sound defensive, not offensive. They only look offensive when we win.

RussBLib

(8,983 posts)
3. isn't this the group that hacked Sinclair?
Fri Oct 22, 2021, 05:10 PM
Oct 2021

Last edited Fri Oct 22, 2021, 05:51 PM - Edit history (1)

or is that the "Evil Corp" that hacked Sinclair?

is it the same group?

Sgent

(5,857 posts)
5. No idea
Fri Oct 22, 2021, 05:47 PM
Oct 2021

but possibly.

This one attacked the oil pipeline and infiltrated a computer security firm which gave them access to over 1500 organizations.

Marthe48

(16,688 posts)
6. Our local hospital was hacked in August
Fri Oct 22, 2021, 05:49 PM
Oct 2021

I am glad that we are finally acting to defend the entities at risk.

ShazzieB

(15,952 posts)
11. Putin's not directly involved, though.
Fri Oct 22, 2021, 07:19 PM
Oct 2021

The keyword being "directly."

The Russian government’s relationship with criminal hackers is different than that of other adversarial powers, like China or North Korea.

~snip~

China’s control of its hackers is similar to the kind of tight restrictions it places on society, business and its propaganda efforts.

But the Russian government has a different approach. Moscow allows oligarchs and criminal groups to follow their own plans, so long as they do not challenge the Kremlin and are generally working toward President Vladimir V. Putin’s goals, according to American government officials.


https://www.nytimes.com/2021/09/09/us/politics/russia-ransomware-hackers.html

Pepsidog

(6,252 posts)
10. Before 2022 or 2024 election I fear a foreign cyber attack that seriously disrupts our country
Fri Oct 22, 2021, 07:10 PM
Oct 2021

that a tough talking fascist with a brain will be elected in a landslide. It’s like the oil pipeline earlier this year caused panic and chaos. Something like that happens again and takes out the internet or electrical grid would be all the reason a tough talking right wing fascist needs to get elected. The right exploits imaginary made-up crisis what happens when there is a real crisis that causes massive disruptions happens. We aren’t ready for that and the pandemic has exposed many of our weaknesses.

denbot

(9,894 posts)
15. The fire needs..
Sat Oct 23, 2021, 12:19 AM
Oct 2021

More fire. Throw every possible attack at them. At some point one of these rouge units can bring down a national economy if left to thrive.

BadGimp

(4,009 posts)
17. A few thoughts of mine...
Sun Oct 24, 2021, 08:47 PM
Oct 2021

I've been following Ransomware for quite a while, and have learned a great deal about the subject since. The threat has always been there but it has now scaled to become a major global economic risk factor.

The Biden administration's actions stand in stark contrast to the absolute inaction of the TGS. Especially when you take into consideration how much of the Ransomware attacks have links to Russian aligned countries/players.

After 9/11, we saw the effect of bringing the entire capability of our US military and intelligence resources to bear on a serious global problem. The problem now as we are about to learn, is we are creating something much worse than a double edge sword. I worry that turning our Military into an offensive cyber force will create a monster that will likely be used in the not too distant future by corrupted players against US.

Latest Discussions»Latest Breaking News»FBI, others crush REvil u...