The Department of Justice announced Thursday that it had disrupted the operations of a ransomware group known as Hive, helping victims avoid $130 million in ransom payments. The Justice Department infiltrated the group back in July 2022, a release from the department said.
Hive used a network of “affiliates” to extort hospitals, infrastructure operators, school districts and more in 80 countries around the world, according to the DOJ. Hive’s malware would encrypt victims’ computer systems after affiliates would steal sensitive documents. Affiliates would demand ransom for both the data and a decryption key.
The DOJ said it had delivered decryption keys to 300 entities that were currently under attack and 1,000 keys to previous victims of the group. Hive had targeted over 1,500 victims in 80 countries around the world, the department said.
Experts have warned that cyberattacks on critical infrastructure remain a serious threat. In 2021 a ransomware attack shut down the Colonial Pipeline for five days and concern over gas shortages cause prices to jump.
