Monday, January 30, 2023

Law Enforcement Units Combine their Work to take Hive Ransomware Gang Offline


Score one for the good guys!  The Hive ransomware group has caused a *lot* of damage.  Of course any ransomware group can wreak havoc, but from the standpoint of where I work, Hive seemed to have targeted the healthcare sector more than others.  

This lead to all kinds of terrible outcomes.  In August 2021 Hive ransomware encrypted the network of a hospital that was forced to stop admitting patients during a Covid-19 surge.  Another example was the Lake Charles Memorial Health System in Louisiana.  Their IT folks were able to prevent encryption of their network, but the hackers still got away with data on close to 270K patients.  Of course there are also lots of targets that remain unannounced for a variety of reasons.

Ransomware is a scourge, no matter who it impacts.  However, targeting healthcare carries with it the possibility  of injuring patients or perhaps even causing death.  That is one of the things that makes these type of illegal activities so reckless and dangerous.  Once you start to tinker with systems, you have no idea of the impact you may generate.  The Colonial Pipeline hack created all kinds of strife in different business sectors and also affected millions of individuals.  Ransomware is an example of the old adage of throwing a stone into a lake and you have no idea where all the ripples go or what they do.  Our systems are now so interconnected and oftentimes so dependent on one another that taking one down can very well result in taking others... and sometimes LOTS of others.

So, the good news here is that a task force of law enforcement entities from both the U.S. and internationally, have worked to take down Hive.  According to Lisa Monaco the US Deputy Attorney General "Simply put, using lawful means, we hacked the hackers."  There is a certain amount of poetic justice there, especially since it is coming from the Justice Department.

Of course, we'll probably never get all the details of how they did this.  And, despite the best efforts of law enforcement, there will be another ransomware gang to take their place.  However, I'm glad to see this effort.  Ransomware has a horrible impact on things and it needs to be limited in scope.  I doubt it will ever be eliminated totally.

There is a great write up on this on which you can find here.

No comments:

Post a Comment