The United States seized most of the cryptocurrency paid to hackers who held parts of the Colonial Pipeline system hostage last month, an attack that led to rising gas prices and disruptions at filling stations.
The Department of Justice seized nearly 64 bitcoins, valued at about $2.3 million. The action was made possible by a warrant authorized by U.S. Magistrate Laurel Beeler. In an affidavit in support of the warrant application, authorities said they had reviewed the public bitcoin ledger and traced the transfer of the ransom to a specific address.
“The sophisticated use of technology to hold businesses and even entire cities hostage for profitability is certainly a challenge in the 21st century. But the old adage follows the money still. And that’s exactly what we’re doing,” Deputy Attorney General Lisa Monaco told a news conference in Washington.
Colonial Pipeline reported on May 7 that it had been attacked by a hacking organization called DarkSide, which used ransomware, or malicious software, to lock parts of its network. The group then demanded payment to unlock the network.
Colonial told the FBI that it paid DarkSide about 75 bitcoin as ransom. Colonial CEO Joseph Blount later called the payment “the right thing to do for the country” to make pipeline repair possible.
The bitcoin was worth $4.4 million at the time.
The attack caused Colonial to take its 5,500-mile pipeline offline. Combined with a shortage of fuel truck drivers, the situation led to disruptions at tens of thousands of filling stations in the Southeast, and fuel prices rose.
Bitcoin is the largest cryptocurrency by value. A single bitcoin fetched more than $60,000 this year, although the price has since dropped to $34,000. Bitcoin is a payment method that relies on distributed nodes to verify transactions, which are recorded in public logs. People who send and receive bitcoin can remain anonymous, although holders have faced an increasing number of regulations in the United States.
DarkSide, which claimed last month to have disbanded, is one of more than 100 ransomware-as-a-service networks the FBI is currently investigating. The networks provide tools to attack businesses and governments in exchange for a share of the proceeds. Experts believe that ransomware attacks have increased in recent years, and the money raised by attackers has grown exponentially.
“Today, we turned the tables on DarkSide by chasing the entire ecosystem that incites ransomware and digital extortion attacks, including criminal proceeds in the form of digital currency,” Monaco said.
“The extortionists will never see this money,” added Stephanie Hinds, acting U.S. Attorney for the Northern District of California.
Officials have encouraged organizations to invest in cyber security protection and enhanced prevention measures before they are hit. If an attack does occur, victims are encouraged to cooperate with law enforcement.
“The message we are sending today is that if you come forward and work with law enforcement, we will be able to take the kind of action we took today to deprive the criminal actors of what they are pursuing here, the proceeds from their criminal scheme,” Monaco said.
Blount said Colonial is grateful for the FBI’s work.
“Holding cybercriminals accountable and disrupting the ecosystem that enables them to function is the best way to repel and defend against attacks of this nature,” he said in a statement. “The private sector also plays an equally important role and we must continue to take cyber threats seriously and invest accordingly to toughen our defenses.”