Law enforcement hopes that retuning ransom payments to impacted businesses will demonstrate that working with the feds following a cybersecurity breach is "good business."
Two healthcare companies — one in Kansas and another in Colorado — are about to have about $500,000 in combined ransomware payments returned, after the Department of Justice was able to follow a cryptocurrency trail back to Maui operators and seize the extorted funds.
The Federal Bureau of Investigation seized the Maui-connected cryptocurrency accounts back in May and is now working through the courts with the Department of Justice to return the money to its victims. Maui is a strain of ransomware with ties to the North Korean state that focuses its crippling cyberattacks on healthcare and public health organizations.
The returned ransom success story is meant to serve as a signal to other targeted organizations that working with law enforcement following a cybersecurity incident is "good business," Assistant Attorney General Matthew G. Olsen of the Justice Department's National Security Division said in a statement about the court filing.
"The FBI is dedicated to working with our federal and private sector partners to disrupt nation-state actors who pose a critical cyber-threat to the American people,” FBI Cyber Division Assistant Director Bryan Vorndran said about the recovered Maui ransomware payments. "We will continue to pursue these malicious cyber-actors, such as these North Korean hackers, who threaten the American public regardless of where they may be and work to successfully retrieve ransom payments where possible."
About the Author(s)
You May Also Like
Defending Against Today's Threat Landscape with MDR
April 18, 2024The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024