Powered by MOMENTUM MEDIA
accounting times logo

Powered by MOMENTUMMEDIA

Powered by MOMENTUMMEDIA

AFP distributes decryption key to thwart Russian cyber crims

Technology
21 December 2023
afp distributes decryption key to thwart russian cyber crims

Ransomware group BlackCat has targeted dozens of local operations but the FBI came up with a fix, the AFP says.

Russian cyber criminals who hacked into more than 50 Australian operations and demanded ransoms are being thwarted by an FBI decryption tool now being distributed by the AFP.

The cyber gang, known as BlackCat, had infiltrated dozens of local businesses and government agencies, the AFP said, stealing sensitive data, encrypting their networks and then demanding money to restore access.

AFP Cyber Command Assistant Commissioner Scott Lee said the ransomware group first came to its attention in 2021 and law enforcement agencies globally had cooperated to disrupt BlackCat, which was estimated to have cost victims hundreds of millions of dollars.

==
==

“The unlawful activity by BlackCat had a severe impact on Australian businesses, many of which remain without access to some key systems,” Assistant Commissioner Lee said.

“The FBI developed a decryption tool that allowed law enforcement partners around the world to offer more than 400 affected victims the capability to restore their systems.”

“We have so far identified 56 Australian-based victims across both corporate and government sectors and we are engaging with victims to provide decryption keys to restore their systems where we can. Those decryption keys are similar to a password.”

Led by the FBI, the international operation had gained visibility into BlackCat’s computer network and seized several of its websites.

Assistant Commissioner Lee said BlackCat – also known as ALPHV or Noberus – used a ransomware-as-a-service model, in which developers created ransomware and maintained illicit internet infrastructure.

He said the group’s affiliates identified high-value businesses and institutions to attack, stole sensitive data and encrypted files so the victims could not access them. The criminals then demanded a ransom to decrypt the victim’s system.

If a victim paid up, the BlackCat group shared the money but if a victim refused, the criminals published the stolen data to a website where anyone could download it for further criminal use.

Globally, BlackCat had targeted networks that supported critical infrastructure, universities, court systems and major companies.

The global financial loss was estimated to be in the hundreds of millions of dollars and included ransom payments, destruction and theft of proprietary data, and costs associated with incident response.

Assistant Commissioner Lee said in the past 18 months, millions of Australians had been affected by devastating cyber incidents and ransomware attacks were becoming more prevalent.

“On average, one cybercrime is reported every six minutes, with ransomware alone causing up to $3 billion in damages to the Australian economy every year,” he said.

“The Australian government advises against paying ransoms.

“We urge anyone who has been the target of a BlackCat ransomware attack or any other ransomware breach and has not yet reported it, to report to police.”

“If we are alerted to an incident in its earliest moments, we have our best shot at gathering the evidence we need to identify those responsible for the attack, disrupt their activities and bring them to justice.

“Outcomes like this would not be possible without the ability of the AFP to engage with law enforcement around the world and coordinate responses.”

About the author

author image
Philip King

Christine Chen is a journalist at Accountants Daily and Accounting Times, the leading sources of news, insight, and educational content for professionals in the accounting sector. Previously, Christine has written for City Hub, the South Sydney Herald and Honi Soit. She has also produced online content for LegalVision and completed internships at EY and Deloitte. Christine has a commerce degree from the University of Western Australia and a juris doctor degree from the University of Sydney.

Subscribe

Join our subscribers get exclusive access to freebies and the latest news

Subscribe now!
NEED TO KNOW