Community Edition
Total Tests:
This Week:
Today:
Cyber Law Blog
Phobos Ransomware Admin Extradited From South Korea
November 21, 2024
Dark Web Crypto Mixer Founder Sentenced to Over 12 Years for Money Laundering
November 14, 2024
Global Сybercrime Сrackdown Takes Down Over 22K Malicious IPs And Servers
November 7, 2024
REvil Gang Members Sentenced
October 31, 2024
US Cop Indicted Over Buying Stolen Data
October 24, 2024
Stay in Touch

Get exclusive updates and invitations to our events and webinars:


Your data will stay confidential Private and Confidential

ImmuniWebInternational Media Coverage

FBI Recovers $2.3 Million of Colonial Pipeline Ransomware Payment; Some Questions About the Attack Answered

By Scott Ikeda for CPO Magazine
Thursday, June 10, 2021

A little over half of the $4.4 million Colonial Pipeline ransomware payment has been recovered by the FBI, and in the process some questions about the source of the attack may have been answered. The FBI is keeping its sources and tactics close to the vest, but inferences about how the money moved and was ultimately recovered lend credence to it being an incompetent ransomware-as-a-service client rather than a secret operation backed by the Russian government.

New task force recovers ransomware payment

The ransomware payment recovery is one of the first actions taken by the Justice Department’s new ransomware and extortion task force, which was first reported on in April. The task force was formed as a response to a record year in terms of ransomware incidents and payments, as attacks not only became more severe but incorporated new elements such as threatening blackmail and distributed denial of service (DDoS) attacks. The Justice Department recently moved ransomware attacks to the same response priority as terrorist attacks, calling the consequences “destructive and devastating.” Ilia Kolochenko, Founder, CEO and Chief Architect of ImmuniWeb observes: “The $2.3 million is a drop in the ocean of ransomware, however, it sends a bold statement that the DoJ now has tolerance-zero for ransomware gangs. The seizure continues the previously announced efforts to combat surging ransomware, and is likely to be a first palpable step to deter cybercriminals. Importantly, the DoJ will certainly need more funding to gradually expand its cybercrime prosecution unit (CCIPS) and foster interagency collaboration. Moreover, international cooperation is essential to curb surging ransomware attacks, including a baseline cooperation with traditionally hostile jurisdictions. Otherwise, even though uncovered, the perpetrators will likely enjoy impunity due to missing extradition treaties with foreign jurisdictions.”

The FBI also used the Colonial Pipeline outcome to highlight the importance of contacting officials as soon as possible after being hit by an attack, even if the organization plans to make the ransomware payment. Substantial recovery of funds is possible if the attackers route the money through the right places. Read Full Article


Previous Media Publications:

Computing: JBS paid $11 million to the REvil ransomware gang to decrypt its systems

ComputerWeekly: Colonial Pipeline ransom seizure is a win, but don’t relax yet

This website uses cookies to provide you with a better surfing experience. To learn more, please visit our Privacy Policy. By continuing to use this website you consent to our use of cookies.

Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential