Smashing of the “Hive” hacker network: Cyber blackmailers get into trouble

After the “Hive” hacker network was destroyed: Cyber blackmailers are gradually getting into trouble


In a joint action, authorities from the USA, Canada and Europe have switched off the infrastructure of criminal hackers. And that’s not the only thing that makes life difficult for criminals.

According to investigators, more than 1,500 “serious cyber attacks to the detriment of companies” can be attributed to the hacker group “Hive”. In Germany alone, more than 70 offenses are involved. This is now over for the time being: In a joint action, the US judiciary, the Secret Service, the FBI, Europol, the Federal Criminal Police Office in Wiesbaden and the security authorities of other countries have succeeded in paralyzing the hackers' infrastructure. The authorities involved announced this recently. According to the police, numerous servers containing data about actors and users were secured as part of the operation.

Hackers off the network because a victim fought back

According to the police, the so-called “Operation Dawnbreaker” originated in an investigation by the public prosecutor’s office in Stuttgart and the police headquarters in Reutlingen. After a hacker attack on a company in the district of Esslingen last year, the officials said they were able to penetrate the hackers’ infrastructure.

The decisive step was only successful because the company decided against paying the ransom and filed a criminal complaint, the police said. This is a phenomenon that cyber extortionists could encounter more frequently in the future, because current studies show that victims of ransomware are less and less willing to pay the horrendous sums to have their data released. While the criminals were able to steal around 765 million US dollars in 2020 and 2021, the sum fell to 457 million US dollars last year due to a decrease in willingness to pay, a drop of 40 percent.

Ransomware is gradually losing its terror

According to experts, there are three reasons for this development. First, victims are now aware that paying the ransom is no guarantee that they will get their files back or that the hackers will delete their copies of them. Second, the public perception of ransomware attacks has changed: only rarely do data leaks result in lasting damage to the organizations affected. Third, many companies have adapted to the potential threats by paying more attention to good backups. With these, the IT infrastructure can be restored quickly in the event of an attack.

Better preparation and knowledge of possible dangers are also responsible for the fact that the average lifetime of ransomware has fallen significantly in recent years. While in 2018 a given type of ransomware was in active use for around 592 days, in 2022 this period was only 70 days.

Even if the numbers are a positive development, the industry magazine “Bleeping Computer” writes that too many victims are still willing to pay the ransoms demanded. “Full discouragement of operators by non-payment is still a long way off,” it says.

Cases such as the dismantling of “Hive”, an internationally known actor, are therefore also important so that current and future victims develop an awareness of who to turn to for help when blackmailers have struck. If the company concerned hadn’t contacted the police, “Hive” would probably still be active – now the network is one less threat.

Sources: DOJ, Europol, Reutlingen police, Bleeping Computer
