WASHINGTON (CN) — Attorney General Merrick Garland announced Thursday that the Department of Justice and foreign authorities seized a ransomware network known as Hive.
Speaking to the press at department headquarters in Washington, Garland said the FBI worked with international partners to infiltrate the ransomware network last July and eventually tracked its computer servers to California.
“Last night, the Justice Department dismantled an international ransomware network responsible for extorting and attempting to extort hundreds of millions of dollars from victims in the United States and around the world,” Garland said.
Having secured clandestine access to Hive’s control panel over the summer, Garland continued, officials within the FBI Tampa Field Office have since offered keys to decrypt infected networks to more than 1,300 victims worldwide, preventing at least $130 million in ransom payments.
In one instance, a ransomware attack prevented a U.S. hospital from accepting any new patients “at a time when COVID-19 was surging in communities around the world,” Garland said, adding that the hospital had to use paper copies of patient information and was only able to recover data after it paid a ransom.
Hospitals, school districts, financial firms and critical infrastructure were among the more than 1,500 victims targeted by Hive worldwide.
The group’s most recent victim, Garland noted, was attacked about 15 days ago in the Central District of Florida.
FBI Director Christopher Wray said during the press conference that technical indicators led officials to Hive’s decryption keys, which they “turned around and provided to those in need.”
“We are engaged in what we call joint sequenced operations,” Wray said, “that includes everything from going after their infrastructure, going after their crypto, going after people who work with them here, getting the keys and making those available.
He continued: “But it also includes hunting people down with our partners around the world, and sometimes those people may face a U.S. criminal justice system that sometimes meditates charges with all of our many partners who are increasingly branching out.
“We’ve been able to exploit that access to help victims,” Wray said, “while keeping Hive in the dark.”
Over the past seven months, Wray said officials were able to prevent ransomware attacks against a university and a local medical specialty clinic, as well as victims overseas including a foreign hospital.
No arrests have been made but the FBI director warned that anyone involved with Hive “should be very concerned because this investigation is still very much ongoing.”
Last April, Department of Justice officials announced the seizure of one of the world’s largest hacker forums, RaidForums, and the arrest of the site’s founder and chief administrator, Diego Santos Coelho, of Portugal.
In November 2021, Garland announced the arrest of seven hacking suspects as part of a global law enforcement effort called Operation GoldDust.
The attorney general was joined Thursday by Deputy Attorney General Lisa O. Monaco, Assistant Attorney General Kenneth A. Polite, Jr. and U.S. Attorney Roger Handberg for the Middle District of Florida.
Follow @EmilyZantowNews
Subscribe to Closing Arguments
Sign up for new weekly newsletter Closing Arguments to get the latest about ongoing trials, major litigation and hot cases and rulings in courthouses around the U.S. and the world.
