Feb 13 2023

U.S. Justice Department Takes Down Hive, a Major Ransomware Group

Law enforcement successfully "hacks the hackers" and saves millions of dollars in the process.

The Justice Department has dealt a blow to a major international ransomware group that has meddled in the computer networks of businesses, hospitals, schools and other organizations in the U.S. and elsewhere. Given how often cybercrimes recur, it’s a big win for the good guys.

Deputy Attorney General Lisa Monaco said at a news conference that one especially gratifying aspect of the raid was how agents busted the group, known as Hive: “Simply put, using lawful means, we hacked the hackers.”

Working with counterparts in Europe, the Justice Department used its own hackers to covertly access Hive’s computer networks over the summer, secretly thwarting attempts to extort about $130 million from more than 300 victims during that time. Late last month, U.S. agents seized servers the group had been using in Los Angeles and shut down Hive’s sites on the dark web.

This is good news, but it is not unqualified: Hive attackers had already stolen more than $100 million from hundreds of victims around the world before government agents caught up with them — and even after the raid, no arrests were made. One reason: Only 20 percent of Hive’s victims reported issues to law enforcement.

Regardless, said Assistant Attorney General Kenneth A. Polite Jr. during the news conference, “we will continue our investigation and pursue the actors behind Hive until they are brought to justice.”
