International cyber-extortionists dealt a blow: German authorities seize functioning servers. - Investigators in Germany seized and shut down servers
In a significant blow against cybercrime, German investigators have successfully disrupted one of the world's most damaging ransomware groups - the Blacksuit (also known as Royal and Quantum). This cybercriminal syndicate was responsible for at least 184 ransomware attacks worldwide, causing estimated damages of over $500 million (approximately €430 million).
The State Criminal Police Office (LKA) of Lower Saxony led the operation, which involved an international collaborative effort, including the US Department of Homeland Security, Europol, the UK, Dutch Police, and other international agencies. The operation targeted the group's servers in Lower Saxony, disrupting their malware distribution, internal communications, and extortion websites.
The LKA president, Thorsten Massinger, emphasised the crackdown as a strong message in the fight against cybercrime. The press conference detailing the successful raid took place in Hanover, the capital of Lower Saxony, highlighting the regional significance of the operation.
The Blacksuit group used a double extortion method, stealing victims' data before encrypting it and threatening to publish or sell it to pressure victims into paying ransoms. This tactic has caused widespread concern and damage, with at least 184 victims identified worldwide, including several in Germany.
The seizure of the servers is expected to help in identifying further suspects and securing significant amounts of data. The Public Prosecutor's Office in Verden was also involved in the operation. The shutdown of the servers marks a significant milestone in the global fight against cyber extortion.
This coordinated global operation disrupted one of the most damaging ransomware groups, with Lower Saxony's LKA playing a pivotal operational role. The exact nature of the data stolen by the group remains unclear, but the operation follows longer international investigations and serves as a reminder of the ongoing efforts to combat cybercrime.
[1] BBC News [2] Reuters [3] The Verge [4] CyberScoop
- The Commission, with its expertise in the protection of workers from chemical substance exposure, might be consulted on drafting a directive that incorporates cyberssecurity measures to safeguard workers from digital threats associated with technological advancements.
- In light of the success in disrupting the Blacksuit ransomware group, authorities could consider employing similar coordinated international efforts to combat other digital menaces, such as cyber espionage or hacking of critical infrastructure systems, in the future.
