Jason Hiner/ZDNETFollow ZDNET: Add us as a preferred source More

d3sign/Getty Images The company behind NordVPN has created a new service called NordProtect that’s geared toward protecting users from identity theft. This new product includes features such as identity recovery and restoration, secure credit monitoring, 24/7 dark web monitoring, and cyber extortion protection. The identity recovery and restoration feature enables victims of identity theft to be […] More

Adrienne Bresnahan/Getty Images Retrieval-Augmented Generation (RAG) is rapidly emerging as a robust framework for organizations seeking to harness the full power of generative AI with their business data. As enterprises seek to move beyond generic AI responses and leverage their unique knowledge bases, RAG bridges general AI capabilities and domain-specific expertise.  Hundreds, perhaps thousands, of […] More

The Department of Justice announced on Monday that it managed to recover some of the ransom that was paid by Colonial Pipeline to the cybercriminals behind the DarkSide ransomware last month. While this is not the first time the government has been able to get some money back to victims, Deputy Attorney General Lisa Monaco said during a press conference that this was a first for the new Ransomware and Digital Extortion Task Force that was created in April to address the growing number of cyberattacks.  

ZDNet Recommends

Monaco explained that the Justice Department and FBI seized 63.7 Bitcoins — now valued at $2.3 million after a large dip in the cryptocurrency market — of the 75 Bitcoins that the CEO of Colonial Pipeline admitted to paying. Despite paying for the ransom, the encryption tools handed over did not work or help the company’s efforts to restore its systems.   The Justice Department obtained a warrant from a California district court on Monday in order to seize the money. “Following the money remains one of the most basic, yet powerful tools we have,” Monaco said. “Today’s announcements also demonstrate the value of early notification to law enforcement; we thank Colonial Pipeline for quickly notifying the FBI when they learned that they were targeted by DarkSide.”Monaco and FBI deputy director Paul Abate explained that the seizure was part of a larger effort to impose more costs on ransomware gangs, who have spent years holding hospitals, schools, businesses and government systems hostage. Both begged companies to be prepared for attacks and focus on contingencies in case of an eventual attack and reiterated much of the guidance that was handed down by the White House last week. 

“Cyber criminals are employing ever more elaborate schemes to convert technology into tools of digital extortion. We need to continue improving the cyber resiliency of our critical infrastructure across the nation, including in the Northern District of California,” said Stephanie Hinds, acting US Attorney for the Northern District of California.”We will also continue developing advanced methods to improve our ability to track and recover digital ransom payments.” Colonial Pipeline faced significant backlash for paying the ransom but the FBI and Justice Department said they were able to use the Bitcoin public ledger to trace the payments back to “a specific address, for which the FBI has the ‘private key,’ or the rough equivalent of a password needed to access assets accessible from the specific Bitcoin address.””There is no place beyond the reach of the FBI to conceal illicit funds that will prevent us from imposing risk and consequences upon malicious cyber actors,” Abbate said. “We will continue to use all of our available resources and leverage our domestic and international partnerships to disrupt ransomware attacks and protect our private sector partners and the American public.”Despite the success in this instance, Abbate and Monaco stressed that they would not be able to retrieve all ransom payments from now on and urged companies to take measures to protect themselves while also notifying the FBI as soon as possible in the event of an attack.”What we are saying today is that if you come forward, as law enforcement, we may be able to take the type of action that we took today to deprive the criminal actors of what they’re going after here which is the proceeds of their criminal scheme,” Monaco said. “We cannot guarantee and we may not be able to do this in every instance.”

more coverage More

BlackJack3D/Getty Images 2024 delivered some good news and bad news in the area of cybercrime. Malware-based ransomware attacks dropped for the third year in a row. But instances of infostealer malware grew dramatically. Those findings come from IBM X-Force’s “2025 Threat Intelligence Index” released Thursday. First, let’s look at the good news. For the year, […] More