Crackdown On Ransomware Criminals

Uploaded on 2023-02-15 in INTELLIGENCE-Hot Spots-Russia, GOVERNMENT-Law Enforcement, FREE TO VIEW

Seven Russian cyber criminals who are linked to the group behind some of the most damaging ransomware attacks on the UK in recent years have been exposed and sanctioned by the UK and the US. The seven cyber criminals, who will now be subject to travel bans and frozen assets will be severely restricted in their use of the global financial system.

The sanctions, which have been recently announced by the US Department of the Treasury’s Office of Foreign Assets Control (OFAC), form part of a concerted campaign by the UK and the US to tackle international cyber crime.

They follow a lengthy investigation by the National Crime Agency (NCA) into the crime group behind Trickbot malware, as well as the Conti and RYUK ransomware strains, among others. The NCA assesses that the group was responsible for extorting at least £27 million from 149 UK victims, including hospitals, schools, businesses and local authorities, although their true impact is likely to be much higher. 

National Crime Agency Director General Graeme Biggar said “This is a hugely significant moment for the UK and our collaborative efforts with OFAC to disrupt international cyber criminals... The sanctions are the first of their kind for the UK and signal the continuing campaign targeting those responsible for some of the most sophisticated and damaging ransomware that has impacted the UK.. We will continue to deploy our unique capabilities to expose cyber criminals and work alongside our international partners to hold those responsible to account, wherever they are in the world.”

Ransomware is a tier one national security threat, with attacks continuing to increase in scale and complexity. 

The criminals behind these attacks specifically target the systems of organisations they judge will pay them the most money and time their attacks to cause maximum damage, including targeting hospitals in the middle of the pandemic. 

Although the Conti group has allegedly disbanded, it’s members, including those sanctioned today, continue to be involved in some of the most notorious new ransomware strains that dominate and threaten UK security. 

The US Treasury Department named Vitaly Kovalev as a senior figure in Trickbot. It said in addition to announcing sanctions against him, an indictment was unsealed on February 9 in the US District Court in New Jersey charging Kovalev with bank fraud in connection with crimes that took place in 2009 and 2010, predating his involvement in Dyre or the Trickbot Group.

The other six individuals are Maksim Mikhailov, Valentin Karyagin, Mikhail Iskritsky, Dmitry Pleshevsky, Ivan Vakhromeyev, and Valery Sedletsky, who worked in various capacities, including development of ransomware and money laundering.

NCA:     RF/RL:      Standard:     Tech Central:     Police Professional:        

You Might Also Read: 

Russian Hackers Account For 74% Of Ransomware Proceeds:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

 

Cyber Security Intelligence: Captured Organised & Accessible

 

« Russian Cyber Attack Disrupts Earthquake Aid 
Royal Mail Refuses To Pay LockBit Ransom Demand »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Malware.lu

Malware.lu

Malware.lu is a repository of malware and technical analysis. The goal of the project is to provide samples and technical analysis to security researchers.

Splunk

Splunk

Splunk provide real-time Security Information & Event Management solutions for Enterprise Networks, Cloud and small-scale IT environments

CERT-UG/CC

CERT-UG/CC

CERT-UG/CC is the national Computer Emergency Response Team for Uganda, operating under the National Information Technology Authority (NITA-U)

Centro de Gestion de Incidentes Informaticos (CGII)

Centro de Gestion de Incidentes Informaticos (CGII)

CGII is the Computer Incident Management Center of the State of Bolivia.

C2SEC

C2SEC

C2Sec provides an innovative analytics platform that assesses and quantifies cyber risks in financial terms based on combining patented big data, AI, and cybersecurity technologies.

Stratejm

Stratejm

Stratejm, a Next Generation Managed Security Services Provider, brings innovation and thought leadership to the fight against cyber criminals.

Vantea SMART

Vantea SMART

Vantea SMART have decades of experience in cybersecurity resulting in an approach of proactive prevention - Security by Design and by Default.

ArmorCode

ArmorCode

ArmorCode's intelligent application security platform gives us unified visibility into AppSec postures and automates complex DevSecOps workflows.

Air IT

Air IT

Air IT are a responsive, client-focused and award-winning Managed Service Provider, helping clients achieve success and transformation through their IT and communications.

Coralogix

Coralogix

Coralogix are rebuilding the path to observability using a real-time streaming analytics pipeline that provides monitoring, visualization, and alerting capabilities without the burden of indexing.

Kennedys

Kennedys

Kennedys is a global law firm with expertise in litigation/dispute resolution and advisory services, particularly in the insurance/reinsurance and liability sectors, including cyber risk.

The CyberWire

The CyberWire

The CyberWire gets people up to speed on cyber quickly and keeps them a step ahead in a continually changing industry.

DC Two

DC Two

DC Two are a locally operated and supported Australian data centre, offering a suite of vertically integrated services covering every part of the data centre and cloud technology stack.

Waterleaf International

Waterleaf International

Waterleaf provide advanced network and cybersecurity solutions - informed by data sciences. Transforming Connectivity, Security and Information for Municipalities, Government & Enterprise.

SplxAI

SplxAI

Our mission at SplxAI is to secure and safeguard GenAI-powered conversational apps by providing advanced security and pentesting solutions, so neither your organization nor your user base get harmed.

Replica

Replica

Replica creates authentic virtual environments that ensure identities and assets are always protected no matter where or what work needs to get done.