Speaker 1: We are here to announce that last night the Justice Department dismantled an international ransomware network responsible for extorting and attempting to extort hundreds of millions of dollars from victims in the United States and around the world, known as the Hive Ransomware Group. This network targeted more than 1500 victims around the world since June of 2021. In ransomware attacks, transnational cyber criminals used malicious software to hold digital [00:00:30] systems hostage and demand a ransom. Hi, ransomware affiliates employed a double extortion model. First, they infiltrated a victim system and stole sensitive data. Next, the affiliates deployed malicious software, encrypting the victim's system, rendering it unusable, and finally, they demanded a ransom payment, an exchange for a system decryption key, and a promise not to publish any stolen data. [00:01:00] Hive affiliates targeted critical infrastructure and some of our nation's most important industries. In one instance, in August, 2021, hive affiliates deployed ransomware on computers owned by a Midwest Hospital at a time when Covid 19 was surging in communities around the world.
Speaker 1: The Hive ransomware attack prevented the hospital from accepting any new patients. The hospital was also forced to rely on paper copies of patient information. [00:01:30] It was only able to recover its data after it paid a ransom Hive's. Most recent victim in the central district of California was attacked on or about December 30th of last year. Its most recent victim in the Central District of Florida was attacked around 15 days ago in its first year of operation, hive extorted over 100 million in ransom payments from its victims. Last summer, [00:02:00] FBI agents from the Tampa division with a support of prosecutors in the criminal divisions, computer crime and intellectual property section, and the middle district of Florida infiltrated the Hive network and began disrupting a HIV's attempts to dis extort victims. For example, the FBI disrupted a hive ransomware attack against the Texas school district's computer systems. The Bureau provided decryption keys to the school district saving it from making a 5 million [00:02:30] ransom payment. That same month, the FBI disrupted a high ransomware attack on a Louisiana hospital saving the victim from a $3 million ransom payment. The FBI was also able to disrupt an attack on a food services company. The Bureau provided the company with decryption keys and saved the victim from a 10 million ransom payment. Since July of last year, we provided assistance to
Speaker 2: Over 300 victims [00:03:00] around the world helping to prevent approximately 130 million in ransom payments. Our continued investigative efforts led us to two backend computer service servers located in Los Angeles that were used by Hive to store the network's critical information last night. Pursuant to court order, we seized those servers. We also received court authorization to rest control [00:03:30] of hive's, dark nut sites, and render its services unavailable this morning. If a Hive affiliate tries to access their Dark Net site site, this is what they will see Our investigation into. The criminal conduct of Hive members remains ongoing. I want to thank all of the agents, prosecutors, and staff across the department for their work on this matter. I also want to thank the United States Secret Service [00:04:00] as well as all of our international partners, including Germany and the Netherlands, as well as our law enforcement partners. At uol. Cyber crime is a constantly evolving threat, but as I have said before, the Justice Department will spare no resource to identify and bring to justice anyone, anywhere who targets the United States with a ransomware attack. We will continue to [00:04:30] work both to prevent these attacks and to provide support to victims who have been targeted. And together with our international partners, we will continue to disrupt the criminal networks that deploy these attacks.
