DOJ confirms takedown of ALPHV
The United States Department of Justice confirmed Tuesday that a recent outage of the ALPHV cybercriminal group’s data leak site was part of a global law enforcement operation involving the FBI and several international law enforcement agencies. The takedown comes after the group spent nearly two years targeting manufacturers, professional services firms, corporations, and government entities, among other organizations, in double-extortion cyberattacks. The group’s modus operandi was to encrypt (or lock up) business-critical data and demand exorbitant ransoms in exchange for decryption tools, leaving victim organizations’ operations at a standstill for weeks to months on end. The group also regularly stole sensitive data and threatened to leak it if a ransom payment was not made. The law enforcement operation emphasizes the importance of cooperating with government investigations into cyberattacks so that law enforcement professionals are able to gather intelligence and other critical forensic artifacts needed to disrupt cybercriminals’ operations.
McDonald Hopkins’ national data privacy and cybersecurity group will continue to monitor and report on developments concerning ransomware and other forms of cybercrime.