Mon. Dec 6th, 2021

Sir Jeremy Fleming, director of GCHQ, is a British intelligence and cyber security agency.

Sir Jeremy Fleming, director of GCHQ, is a British intelligence and cyber security agency.
Pictures: Roslan Rahman / AFP (Getty Images)

The United Kingdom wants to use the newly formed cyber command to “hunt” and hack ransomware gangs, a high-level government official has recently revealed.

Jeremy Fleming, director of GCHQ, Britain’s signal intelligence agency, announced plans for this year. U.S. Cipher Short Threats Conference On monday. Fleming says Britain has seen a significant increase in ransomware attacks and the government wants to use offensive operations to prevent future attacks.

Such operations are likely to involve the government using its own work to target and deactivate servers run by criminal gangs, Financial Times report. The UK’s National Cyber ​​Force – a new unified command created last year – will be the vector for such activity.

In his remarks, Fleming indicated that governments have not done enough to impose costs on underworld operators.

“Because it is [ransomware] Expanding because it works. . . Criminals are making very good money from it and are often feeling it [it’s] Basically unrivaled, ”he said. “I am quite clear from the point of view of international law and of course you can go from the point of view of our domestic law. [criminal actors], “He added.

News of the UK’s plan to “hack hackers” came just a week later Reuters first reported The United States has conducted an operation of its own along this line. According to the outlet, the FBI and various partners have recently worked together to hack REvil’s servers – a prominent ransomware gang involved in some of the biggest attacks on US companies. Reveal Mysteriously missing In July, not long after management A huge attack On the software company Kaseya. At the time, it was not clear what happened to the perpetrators এবং and some speculated that the gang had deliberately shut down its own activities. However, Reuters report That, in reality, the gang’s network infrastructure was hacked by law enforcement and some of its servers were co-opted.

The news that the United States and the United Kingdom are engaged in such activities indicates a new phase of law enforcement strategy in the fight against cybercrime – in which governments pursue cybercriminals more actively and openly rather than clearing their mess.

Oleg Sculkin, deputy head of the DFIR lab at cybersecurity firm Group-IB, told Gizmodo in an email that the campaign against Reveal was not the first time the United States had worked to disrupt the cybercrime group.

“Such operations have been reported before,” Schulkin said. “Last year, the US Cyber ​​Command An operation completed To remove the infamous trickbot botnet before election day in parallel with private sector players, to prevent it from being used to launch attacks on IT systems supporting the election process.

However, Alan Liska, senior security architect at Recorded Futures, told Gizmodo that the recent FBI operation against Reveal would appear to be an increase in what the United States is willing to do to track down ransomware operators..

“Although this is not the first time that law enforcement has taken over the ransomware actor’s infrastructure, this is the first time they appear to have used the CNA (computer network attack) method (at least it has been publicly reported),” Liska said. “This is the next logical advance and a sign that law enforcement is taking the ransomware threat seriously.”

Source link

By admin

Leave a Reply

Your email address will not be published. Required fields are marked *