14 Jan, 2022 23:54

US responds to Russian arrest of ransomware hackers

The Biden administration said one of the suspected hackers arrested in Russia was to blame for the Colonial Pipeline attack

The Biden administration is “pleased” about Russia arresting several suspected hackers, including one allegedly behind the ransomware attack that led to week-long fuel shortages last year.

A senior administration official, speaking with reporters on Friday, said Moscow had informed Washington about the arrests, and that one of the individuals involved was responsible for the May 2021 attack that crippled the Colonial Pipeline.

“I want to be very clear: In our mind, this is not related to what's happening with Russia and Ukraine. I don't speak for the government's motives, but we're pleased with these initial actions,” said the unnamed official, according to Axios.

The US has been accusing Russia of planning an “invasion” of Ukraine for several weeks now, with Moscow dismissing the allegations as “fake news.”

Earlier on Friday, Russia’s Federal Security Service (FSB) announced it had conducted raids in three regions – Moscow, St. Petersburg and Lipetsk – targeting suspected hackers, after receiving a notice from US authorities about their alleged criminal activity.

The men arrested were reportedly members of REvil, a hacking group that specialized in ransomware attacks and was blamed for the June 2021 attack on the meat processing conglomerate JBS and the July attack on the US-based IT management platform Kaseya.

The Colonial Pipeline attack was originally attributed to a different gang, called DarkSide. The company, which runs the pipeline providing much of the southern and eastern US with fuel, shut down operations for several days in May 2021, after the ransomware attack affected its automated invoicing service. 

The week-long disruption in supply caused fuel shortages across several states and Washington, DC. Colonial’s CEO Joseph Blount later admitted that he paid $4.4 million in ransom to the hackers, saying it was “the right thing to do for the country.” 

The following month, the FBI also blamed DarkSide for the attack, boasting that it had seized about $2.3 million in bitcoin from their accounts.
