Cybersecurity

DOJ disrupts global ransomware gang

Attorney General Merrick Garland attends a news conference on June 13, 2022, at the Department of Justice in Washington.

The Department of Justice announced on Thursday that it dismantled an international ransomware group responsible for extorting more than $100 million in payments from organizations based in the U.S. and around the world.

The ransomware group, known as Hive, has targeted more than 1,500 victims around the world since its operation began in June 2021, the department said. 

At a press conference, Attorney General Merrick Garland said the group has targeted critical sectors including hospitals and schools.

He noted a 2021 incident where Hive hackers deployed ransomware on computers of a hospital based in the Midwest. 

“At a time when COVID-19 was surging in communities around the world, the Hive ransomware attack prevented the hospital from accepting any new patients,” Garland said.


“The hospital was forced to rely on paper copies of patient information [and] was only able to recover its data after it paid a ransom,” he added. 

Garland also said the hackers employed a double extortion model against its victims, where they not only stole the data but also encrypted the information and threatened to publish it until a ransom was paid.

The DOJ also revealed that last summer, FBI agents infiltrated the hackers’ network and began disrupting their operations to extort victims.

For instance, FBI agents were able to disrupt a Hive ransomware attack that targeted the computer systems of a Texas school district. The department said it provided the school district with decryption keys, “saving it from making a $5 million ransom payment.”

“Simply put, using lawful means, we hacked the hackers,” said Deputy Attorney General Lisa Monaco.

Garland added that since last summer, the department has helped over 300 victims around the world and prevented them from paying about $130 million in ransom payments.

Ransomware attacks have dramatically increased over the last couple years with hackers targeting critical and vulnerable industries such as the health care sector. 

The Biden administration has also made it a priority to counter ransomware globally. Last year, the White House held its second International Counter Ransomware Initiative Summit, in which it invited more than 30 countries to discuss steps they can take to curb the rise of ransomware globally.