One of the most deadly ransomware organisations operating today was infiltrated by law enforcement authorities and effectively shut down.
The FBI was able to infiltrate the notorious Hive collective in July 2022, preventing attacks on corporations and saving them over $130 million by distributing decryption keys and warning of future attacks.
The cybersecurity research community is still sceptical that the danger has really faded, since many of the organisation’s top leaders are still at large.
A ransomware threat looms
The global takedown of Hive, including its websites and communication channels, was the result of a joint effort by the US Department of Justice, the FBI, the Secret Service, and European nations including Germany and the Netherlands, according to a statement released by the US DOJ.
Businesses might breathe a sigh of relief now that Hive has been decommissioned, but security expert John Hultquist, Vice President of Mandiant Threat Intelligence, is cautious.
Cyberscoop cites him as saying that Hive has taken a major hit. “Measures like this make it more difficult to implement ransomware. Maybe it’s time for Hive to reorganise, rethink, and rename itself.”
The BBC, however, cited a comment in which he said that, “The organisation won’t be fully gone until they’re apprehended. It will take time for them to reassemble, but I’m willing to wager that they will eventually make a comeback.”
Kimberly Goody, a senior manager at Mandiant, was quoted by Cyberscoop as saying that because numerous ransomware gangs have relationships to one another, the only thing that may change in practice is the identities of the organisations involved.
Hultquist said that, while waiting for justice, security organisations like Mandiant should think about how to better fight against ransomware, a developing danger that is now widely viewed by enterprises and security experts as pervasive despite diminishing profitability for attackers.
If we can’t make arrests, we’ll have to shift our attention to defensive strategies. This has to be our top priority until we can deal with the Russian safe haven and the robust cybercrime marketplace.
Hive is a major scalp for law enforcement authorities throughout the world, even if it is just temporary. Cyberscoop reports that in 2022, Hive was responsible for more than 15% of all ransomware infections handled by Mandiant.