There are few more serious forms of hacking than malware attacks designed to extort ransom. Ransomware denies the computer owner the ability to make further use of the computer systems. In some cases, it has resulted in the loss of life because critical medical systems were attacked and could not be brought back online in time. One of the most potent ransomware groups is known as DarkSide.
DarkSide is believed to be based in Russia but is not sponsored by the government there. The group has previously claimed that its members are not allowed to mount attacks on targets in Russia, Ukraine, Georgia, or Belarus, suggesting some toleration of their criminal activity by these states.
When US President Joe Biden met Russian President Vladimir Putin at a summit in Switzerland this month, he called for mutual cooperation to end the ransom exploits of DarkSide and other Russian-based hackers, who are accused by the US Government of being responsible for both the Colonial Pipeline and the much larger SolarWinds attacks.
While DarkSide was allegedly disbanded after carrying out the Colonial Pipeline ransomware attack, they may come back soon, using the same method under a different name, according to US intelligence sources. [According to US intelligence sources, most of the money was recovered.]
Research published recently by London-based blockchain analytics firm Elliptic appears to show that DarkSide extorted more than $90m in Bitcoin before supposedly halting its illegal activities. US cyber security experts have warned that ‘certain countries’ were turning a blind eye to the cyber criminal activity emanating from within their borders.
Speaking to reporters, the acting Director of the National Counter Intelligence and Security Center, Michael Orlando, said: “We do know that countries like Russia and China, Iran and others certainly create safe havens for criminal hackers as long as they don’t conduct attacks against them. But that’s a challenge for us that we’re going to have to work through as we figure out how to counter ransomware attacks.”
Assistant Attorney General of the Department of Justice’s National Security Division John Demers told CNBC that the Colonial Pipeline attack highlighted the issue of “nation-states serving as safe havens for criminal cyber-actors.” Demers said that “nation-states aren’t doing their part to investigate and root out hacking activity happening within their borders.” He went on to suggest that DarkSide, far from going dark, could be “just off renaming themselves…. Groups like that will come back.”
Source: Cyber Security Intelligence