acm-header
Sign In

Communications of the ACM

ACM News

A Rare Win in the Cat-and-Mouse Game of Ransomware


Fuel storage tanks connected to the Colonial Pipeline system in Baltimore.

Colonial Pipeline paid nearly $5 million to hackers to recover its stolen data.

Credit: Samuel Corum/Bloomberg

In a year rife with ransomware attacks, when cybercriminals have held the data of police departments, grocery and pharmacy chains, hospitals, pipelines and water treatment plants hostage with computer code, it was a win, rare in the scale of its success.

For months, a team of security experts raced to help victims of a high-profile ransomware group quietly recover their data without paying their digital assailants a dime.

It started in late summer, after the cybercriminals behind the Colonial Pipeline ransomware attack, known as DarkSide, emerged under a new name, BlackMatter. Soon after, the cybercriminals made a glaring mistake that most likely cost them tens, if not hundreds, of millions of dollars.

Ransomware criminals encrypt a victim's data and demand a ransom payment, sometimes millions of dollars, to return access. But when BlackMatter committed a critical error in an update to its code, researchers at Emsisoft, a cybersecurity firm in New Zealand, realized they could exploit the error, decrypt files and return access to the data's rightful owners.

From The New York Times
View Full Article

 


 

No entries found