China News Service, July 30. According to a report by the Overseas Chinese News Network, on the 27th local time, officials from the US Federal Bureau of Investigation (FBI) stated that the agency is tracking more than 100 active ransomware groups.
But because hackers often come and go without a trace, this task is extremely difficult.
According to reports, Brian Warendland, Assistant Director of the FBI’s Cyber Department, provided the above information at the Senate Judiciary Committee’s hearing on ransomware. The impact of other organizations.
According to reports, in May, a few days after the hacker organization DarkSide invaded the Colonial Pipeline Company of the United States, it "disappeared" from the Internet.
REvil, one of the frequently active ransomware groups, also mysteriously disappeared after a large-scale attack earlier this month, when the group invaded more than 1,500 organizations around the world.
Brett Carlow, an analyst at the cybersecurity company Emsisoft, pointed out that their disappearance is nothing compared to the malicious underground activities of ransomware groups.
"New gangs always seem to emerge in endlessly. In some cases, they are subsidiaries of other companies. In other cases, they will make a facelift and make a comeback."
Carlo said that more than 1,000 ransomware groups have been discovered by researchers, although most of them seem to have disappeared.
The report pointed out that tracking the criminals behind the ransomware is a difficult task.
The hacker who writes and maintains ransomware is often not the same person as the hacker who deploys the software, but both parties share the profits.
Warren Delan pointed out that it is particularly difficult to fully understand a specific ransomware operation because the hackers behind it are often good at hiding their whereabouts.
Warrendland estimated that due to the extremely complex issues involved, about half of the cases will not be able to find the exact source.