Ransomware Roundup: 05.13.22

Costa Rica’s President Rodrigo Chaves declared a national state of emergency as a result of attacks by the Conti Group on multiple governmental bodies. The government recently declined to pay the a $10 million U.S. dollar ransom, and Conti responded by releasing a trove of data allegedly stolen from the victim agencies. ‍

‍

Lincoln College announced on its website that the college would be permanently closing on its website as of May 13, 2022 - citing the strains of the corona virus pandemic and a recent incident involving ransomware as its reasons for shuttering. “Lincoln College has survived many difficult and challenging times – the economic crisis of 1887, a major campus fire in 1912, the Spanish flu of 1918, the Great Depression, World War II, the 2008 global financial crisis, and more, but this is different,” the college posted in its message.

‍

This tragedy highlights the importance of anti-ransomware efforts. These attacks are not ephemeral and affect the lives of actual humans.

‍

As a response to the ransomware threat, the United States Federal Government announced measures that target ransomware actors.

‍

The U.S. Department of the Treasury leveled sanctions against a virtual currency mixer Blender.io in an effort to hit ransomware gangs in their wallets.

‍

“Today, for the first time ever, Treasury is sanctioning a virtual currency mixer,” said Under Secretary of the Treasury for Terrorism and Financial Intelligence Brian E. Nelson. “Virtual currency mixers that assist illicit transactions pose a threat to U.S. national security interests. We are taking action against illicit financial activity by the DPRK and will not allow state-sponsored thievery and its money-laundering enablers to go unanswered,” the United States Deportment of the Treasury wrote in its May 6 announcement.

‍

The U.S. State Department also announced a $10,000,000 reward against the ransomware group as the agency is ostensibly fed up with Conti’s stuff (editor’s note: the author used another word here, but we intervened for the sake of good taste and professionalism).

‍

“The Department of State is offering a reward of up to $10,000,000 for information leading to the identification and/or location of any individual(s) who hold a key leadership position in the Conti ransomware variant transnational organized crime group,” the agency wrote in its announcement. In addition, the State Department also offered a $5 million reward for information relating to information on any individual associated with the group.

‍

Finally, the world wished a very unhappy anniversary to the WannaCry ransomware this week. The ransomware strain emerged on May 12, 2017, and “in a matter of days spread to some 300,000 computers worldwide” according to DarkReading writer Jai Vijayan.

‍

WannaCry is still active, though not as prolifically as half a decade ago.

‍