The U.S. Department of Justice last week announced the outcome of a multi-agency, multinational operation that dismantled an international ransomware network with thousands of targets. With a narrative worthy of a fictional espionage thriller, the news release dated January 26, 2023, described a months-long campaign of disruption waged against the Hive ransomware group.
Details will no doubt continue to emerge, along with news of criminal charges and penalties for the alleged participants. If your clients need further convincing to secure comprehensive Cyber Liability coverage, here’s what we’ve learned about this bust so far:
- The Hive ransomware group targeted over 1,500 victims in more than 80 countries with primary focus on the health care, educational, and financial industries as well as critical infrastructure. The group extorted in excess of $100 million in ransom payments since mid-2021.
- Hive utilized a subscription-based distribution model known as Ransomware as a Service (RaaS) that enabled developers to create new strains of malicious software and then pass them to affiliates who identified targets and deployed the malware. Both parties earned a percentage of any ransom paid.
- Malware was distributed by exploiting vulnerabilities in single-factor logins, Remote Desk Protocol (RDP), and virtual private networks (VPNs) along with sending phishing emails and other means.
- Attacks originating with the Hive group were double-pronged. Affiliates would first steal sensitive data from a target organization and then encrypt the entire system. Hive threatened to disclose the organization’s sensitive information if the target refused to pay the ransom on demand.
- The operation thwarted over $130 million in outstanding ransom demands and involved the U.S. Department of Justice, Federal Bureau of Investigation (FBI), U.S. Secret Service, U.S. Cybersecurity and Infrastructure Security Agency (CISA), U.S. Attorney’s Offices in multiple jurisdictions, and international police agencies from Germany, the Netherlands, Canada, France, Lithuania, Norway, Portugal, Romania, Spain, Sweden, and the United Kingdom.
Your commercial clients can perform every trick in the risk management book to protect their businesses and still fall victim to these attacks. MiniCo’s exclusive Cyber Insurance program provides coverage for cyber extortion loss, data and network liability, breach response, business interruption loss, and more. Most importantly, this program provides peace of mind that if the unthinkable happens like it did to these 1,500+ victims, they will have the protection they need to recover fully and quickly. Contact us today for more information.
