FBI Held Ransom Decryption Keys For Weeks

The FBI, the US federal police agency, left hundreds of companies and institutions out in the cold to deal with the consequences of ransomware attacks. Although it had the decryption key, it chose to hold it back for weeks.

According to a Washington Post report citing various agency employees, the FBI gained access to the keys when investigators hacked into one of the attackers’ servers. At that time, hundreds of companies and organizations, schools, and hospitals were affected by the ransomware attacks.

It can be assumed that an immediate release of the keys by the agency would have saved many millions of dollars that had to be spent on repairing the damage. That figure does not yet include consequences that cannot simply be expressed in monetary terms, such as medical treatments that could not be carried out or lessons that were cancelled.

Action went nowhere

For tactical investigative reasons, the FBI had decided to withhold the keys, a decision that was probably also agreed with various other authorities. The notorious REvil gang was behind the attacks, and investigators hoped to deal it a much harder blow. That would hardly have been possible if the criminals had realized that the investigators had long had access to their server infrastructure.

However, the planned shutdown never came about. In July the REvil platform suddenly went offline without the US authorities having contributed. What exactly happened remains unclear. It has always been assumed, however, that the REvil group operates from Russia, and it went underground a few days after a conversation between US President Joe Biden and his Russian counterpart Vladimir Putin, in which the US made it clear that stricter measures would be taken if ransomware gangs could continue to operate from Russia unhindered.