The tech world has agreed that ransomware and malware have become among the most prolific forms of cyber attack in recent years, and 2019 is poised to break records for the number of cyber attacks in history. That assessment seems well founded, especially now that US and European officials have charged ten individuals in connection with the swath of ransomware attacks that have plagued government and private organizations in both the US and Europe.
The ten people who were charged were allegedly involved in the malicious software attacks that infected tens of thousands of computers and caused more than $100 million in financial losses, the US and European authorities announced Thursday.
According to the officials who filed the charges, the malware, which enabled cybercriminals and hackers from Eastern Europe to infiltrate computer systems remotely and siphon funds from victims’ bank accounts, targeted companies and institutions across all sectors of American life.
The victims of the malware attacks included a Washington law firm, a church in Texas, a furniture business in California and a casino in Mississippi.
The announcement reveals that the charged individuals came from six countries and several are already awaiting prosecution in Europe. Another defendant in a related case was already extradited to the U.S. from Bulgaria in 2016 and pleaded guilty last month in federal court in Pittsburgh, where Thursday’s case was brought.
The charged individuals are now facing charges of conspiracy to commit computer fraud, conspiracy to commit wire and bank fraud, and conspiracy to commit money laundering.
According to Scott Brady, the United States attorney in Pittsburgh, this specific case is a model of how international collaboration can pin down foreign hackers. It stands out from the different instances in which the Justice Department pursued multiple malware prosecutions in recent years.
“It represents a paradigm change in how we prosecute cybercrime,” Brady said in an interview with The Associated Press ahead of a news conference in The Hague with representatives of the six countries.
While the United States can seek immediate extradition of the ten charged individuals, prosecutors will first bring the charges against some of them in the Eastern European countries of Ukraine, Moldova, and Georgia.
The investigation started following the dismantling of a network of computer servers, known as Avalanche, which hosted more than two dozen different types of malware. The Justice Department had successfully taken the operation apart in 2016.
“For the past three years, we have been unpeeling an onion as it were that is very challenging to investigate and identify,” Brady said.
Officials reveal that the malware in the current court case infected more than 41,000 computers. It was sent in spam emails disguised as legitimate messages or invoices. Once the email was opened, hackers were able to record all keystrokes on the infected computer, sweep up data such as banking information, and wire money away from the victim’s account.
Brady admits that the effort to recover the stolen funds is arduous, especially in international cybercrime cases such as this one.
“Proceeds were converted to bitcoin, and without the private key, it is really hard to identify and access, let alone seize those accounts,” Brady said.
Ransomware is a cyber attack in which hackers infect a computing system with malicious software to gain access and control, then make demands, such as money, to resolve the crisis. Ransomware has become extraordinarily popular in the last few months, making it one of the most prolific forms of cyber attack. In one instance, a single ransomware attack crippled the operations of a city government.
A swath of ransomware has been terrorizing corporate and government systems around the world in recent months. Norsk Hydro, one of the biggest aluminum producers worldwide, was previously forced to shut down a part of its manual operations because of a cyber attack that targeted its computer systems and internal servers. After an investigation of the incident, it was concluded that LockerGoga ransomware had attacked the company.
“Hackers are starting to exploit those gaps at companies of all sizes and industries. The problem is no longer exclusive to large corporations or data-rich organizations. The tools hackers use are cheap, easy to find, and simple to use, which makes hacking for fun or profit easier than ever,” a tech expert said about a ransomware attack.