Feds Recoup $500K From Maui Ransomware Gang
Law enforcement hopes that retuning ransom payments to impacted businesses will demonstrate that working with the feds following a cybersecurity breach is "good business."
Two healthcare companies — one in Kansas and another in Colorado — are about to have about $500,000 in combined ransomware payments returned, after the Department of Justice was able to follow a cryptocurrency trail back to Maui operators and seize the extorted funds.
The Federal Bureau of Investigation seized the Maui-connected cryptocurrency accounts back in May and is now working through the courts with the Department of Justice to return the money to its victims. Maui is a strain of ransomware with ties to the North Korean state that focuses its crippling cyberattacks on healthcare and public health organizations.
The returned ransom success story is meant to serve as a signal to other targeted organizations that working with law enforcement following a cybersecurity incident is "good business," Assistant Attorney General Matthew G. Olsen of the Justice Department's National Security Division said in a statement about the court filing.
"The FBI is dedicated to working with our federal and private sector partners to disrupt nation-state actors who pose a critical cyber-threat to the American people,” FBI Cyber Division Assistant Director Bryan Vorndran said about the recovered Maui ransomware payments. "We will continue to pursue these malicious cyber-actors, such as these North Korean hackers, who threaten the American public regardless of where they may be and work to successfully retrieve ransom payments where possible."
About the Author
You May Also Like
Unleashing AI to Assess Cyber Security Risk
Nov 12, 2024Securing Tomorrow, Today: How to Navigate Zero Trust
Nov 13, 2024The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024