The FBI has released a decryption tool available to over 500 cyberattack victims around the world in a bid to take down the Blackcat hacker group, which attacked MGM Resorts in the fall.
Investigators have been working on the case over the last 18 months after the group, also known as ALPHV, extracted hundreds of millions of dollars from its victims.
In response, the FBI has developed and released the tool as part of a fightback mechanism that has helped to avoid $68m of ransom payouts.
“The FBI continues to be unrelenting in bringing cybercriminals to justice and determined in its efforts to defeat and disrupt ransomware campaigns targeting critical infrastructure, the private sector, and beyond,” said FBI Deputy Director, Paul Abbate.
“Helping victims of crime is the FBI’s highest priority and is reflected here in the provision of tools to assist those victimized in decrypting compromised networks and systems.
“The FBI will continue to aggressively pursue these criminal actors wherever they attempt to hide and ensure they are brought to justice and held accountable under the law.”
In September, the group conducted an attack on MGM Resorts, which resulted in some customers’ sensitive information such as social security numbers and passport numbers being exposed, albeit on a limited scale.
The attack took down MGM’s computer systems for around a week and the casino operator informed investors by an SEC filing that it had cost around $100m in payments to fix the issues caused by the attack.
The company stated at the time: “MGM Resorts takes the security of its systems and data very seriously and has put in place additional safeguards to further protect its systems.
“MGM Resorts is notifying relevant customers by email as required by applicable law and has arranged to provide those customers with credit monitoring and identity protection services at no cost to them.”
While the issue appears to be behind MGM, the issue of cybersecurity has been bumped up to the top of the priority list of the industry and the FBI is helping victims and law enforcement agencies tackle the root cause.
As part of its wider efforts, the FBI has accessed the Blackcat ransomware group’s computer network as part, seizing several websites that the group operated.
“In disrupting the BlackCat ransomware group, the Justice Department has once again hacked the hackers,” said Deputy Attorney General Lisa O. Monaco. “With a decryption tool provided by the FBI to hundreds of ransomware victims worldwide, businesses and schools were able to reopen, and health care and emergency services were able to come back online.
“We will continue to prioritize disruptions and place victims at the center of our strategy to dismantle the ecosystem fueling cybercrime.”
Earlier this year, SBC Americas spoke to Justin Albrecht, Director of Global Mobile Threat Intelligence at Lookout, about the cyber attack on MGM Resorts, those behind the attack and how to prevent these occurances from taking place.
