The US State Department announced a bounty of $10 million for information leading to the identification or location of the Darkside ransomware group.
Darkside, one of the most prolific ransomware groups, earlier this year, carried out one of the largest ransomware attacks in history against the Colonial Pipeline Company, resulting in the closure of the conduit that supplied 45 percent of fuel on the east coast. This resulted in gas shortages across the US for weeks, until the group was finally paid $4.3 million for the ransomware decryption keys.
The Statement Department indicated that the bounty was a highlight of its commitment in fighting organized ransomware groups, and as an assurance for ransomware victims around the world who are still being exploited by the criminals.
How the bounty will impact veterinary practices
Veterinary practices have not been immune to ransomware attacks, and although most are not high profile, recent attacks have made national news.
With the sophistication of ransomware attackers growing with each passing day, it has also become difficult for veterinary practices to protect themselves against these types of attacks. However, with the recent involvement of law enforcement and the State Department, there is now a glimpse of hope that finally ransomware attacks are being given the attention they deserve, and this might help save the next practice owner from becoming a ransomware victim.
The bounty also shows a shift in attitude toward ransomware attackers and groups by the US government, after revelation that the payment was coming from the State Department’s Transnational Organized Crime Rewards Program, which has been responsible for bringing down more than 75 transnational criminals. The Department has also been responsible for offering more than $135 million to people who have helped them in the past.
The classification of ransomware groups as part of organized crime will help deter future attacks against future ransomware attacks aimed at veterinary practices. It also marks a new height of escalation between the US government and ransomware groups.
Since its inception in August 2020, the ransomware group is believed to have infected victims from more than 15 countries, targeting multiple industries such as financial services, legal services, manufacturing, healthcare services, veterinary practice, retail and technology. The group also demands some of the highest ransoms, with the most high-profile one being the $4.3 million they received from the Colonial Pipeline.
Beside the $10 million bounty for the location of the people behind the ransomware group, the State Department also offered a payment of up to $5 million for anyone with information on any of its leaders leading to their arrest.
Ransomware as a service has also made it easy for cybercriminals to target veterinary practices with impunity, and Darkside is one of the most prolific ransomware groups in RaaS. The targeting of the group will mean decreased targeted attacks on veterinary practices, and if the State Department succeeds in taking them down, it will send a clear message to other ransomware groups targeting veterinary practices.
US Cyber Command and its impact on veterinary practices
The bounty offer was not the only development this week in the fight against ransomware attacks in the US. The US Cyber Command also announced that it had conducted a surge over the past three months meant to address the growing problem of ransomware attacks.
The surge operation involved the Cyber Command taking aim at the sources of funds for ransomware operatives, who mostly operate in Russia and Eastern Europe. The operation was done to undermine the financial capabilities of ransomware groups and take control of the recent surge in ransomware attacks that have paralyzed industries across the US.
The operation by US Cyber Command on cybercriminal groups’ financial sources will help unravel the people behind the recent surge in ransomware attacks and put an end to some of the ransomware groups that have been responsible for attacking veterinary practices.
The operation has also resulted in arrests of cybercriminals, including a Russian man, who was extradited from South Korea to the US in October. The man is believed to have been behind ransomware attacks that resulted in millions of computers worldwide being compromised and causing losses.
A report from the Washington Post has also indicated that US Cyber Command was behind the recent operation against the REvil ransomware group, which resulted in their servers being shut down and the group folding their operations and disappearing.
CyberCom’s involvement in the fight against ransomware will also help in reducing the number of cybercriminals targeting veterinary practices and practice owners. If successful, the operation can also mark the end of ransomware attacks in the US, saving millions of potential victims from ransomware attacks.